Lucene search
K

1224 matches found

NVD
NVD
added 2018/12/14 8:29 p.m.12 views

CVE-2018-19007

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration in the Network Configuration panel is vulnerable to an OS system command injection as root...

10CVSS9.8AI score0.03882EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/10 12:0 a.m.3 views

Moxa NPort W2x50A Operating System Command Injection Vulnerability

Moxa NPort W2x50A is a Moxa serial communication server for connecting industrial serial devices to a network. An operating system command injection vulnerability exists in the web server functionality of Moxa NPort W2x50A products with firmware prior to version 2.2 Build18082311. An attacker can...

9CVSS7.8AI score0.30868EPSS
Exploits3References1
Prion
Prion
added 2018/12/03 10:29 p.m.23 views

Command injection

System command injection in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

7.5CVSS9.9AI score0.19994EPSS
Exploits5References2Affected Software1
NVD
NVD
added 2018/12/03 10:29 p.m.19 views

CVE-2018-14699

System command injection in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

9.8CVSS10AI score0.29398EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/03 10:0 p.m.17 views

CVE-2018-14706

System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request...

10AI score0.17113EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/03 10:0 p.m.29 views

CVE-2018-14701

System command injection in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

10AI score0.19994EPSS
Exploits5References2
Cvelist
Cvelist
added 2018/12/03 10:0 p.m.21 views

CVE-2018-14699

System command injection in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

10AI score0.29398EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

TerraMaster TOS System Command Injection Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php file in...

9CVSS9.2AI score0.05185EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.2 views

TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26664)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php endpoint in...

9CVSS9.2AI score0.05945EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/28 12:0 a.m.3 views

TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26658)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php endpoint in...

9CVSS9.2AI score0.24946EPSS
Exploits1References1
NVD
NVD
added 2018/11/27 9:29 p.m.8 views

CVE-2018-13418

System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter...

9CVSS9.1AI score0.05185EPSS
Exploits1References1
OSV
OSV
added 2018/11/27 9:29 p.m.3 views

CVE-2018-13358

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter...

8.8CVSS5.9AI score0.24946EPSS
Exploits1References1
OSV
OSV
added 2018/11/27 9:29 p.m.7 views

CVE-2018-13336

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation...

9.8CVSS5.9AI score0.091EPSS
Exploits1References1
OSV
OSV
added 2018/11/27 9:29 p.m.3 views

CVE-2018-13330

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter...

7.2CVSS5.9AI score0.08136EPSS
Exploits1References1
NVD
NVD
added 2018/11/27 9:29 p.m.14 views

CVE-2018-13353

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter...

9CVSS9.2AI score0.05945EPSS
Exploits1References1
NVD
NVD
added 2018/11/27 9:29 p.m.18 views

CVE-2018-13358

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter...

9CVSS9.2AI score0.24946EPSS
Exploits1References1
Prion
Prion
added 2018/11/27 9:29 p.m.12 views

Command injection

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation...

10CVSS9.8AI score0.091EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/11/27 9:29 p.m.17 views

Command injection

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation...

10CVSS9.8AI score0.10226EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/11/27 9:29 p.m.12 views

Command injection

System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter...

9CVSS9.1AI score0.05185EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/27 9:29 p.m.18 views

CVE-2018-13330

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter...

9CVSS7.5AI score0.08136EPSS
Exploits1References1
Rows per page
Query Builder