1227 matches found
Aruba ClearPass Policy Manager 命令注入漏洞
Aruba ClearPass Policy Manager is an application from Aruba, Inc. that provides a wireless network security access management system. Aruba ClearPass Policy Manager suffers from a command injection vulnerability that originates from the product not doing security checks on user input data, which...
OS Command Injection in falconchristmas/fpp
✍️ Description Hi, it is possible to inject arbitrary OS commands in https://github.com/FalconChristmas/fpp/blob/59b7f7e8039a7019143c2c4b44f7d95b6358a4ef/www/formatstorage.phpL24 php &1"; echo "Command: $command\n"; echo...
SonicWall NSM On-Prem 操作系统命令注入漏洞
SonicWall NSM On-Prem is an application from Sonicwall USA, Inc. It provides unlimited scalability to support thousands of SonicWall security appliances under its management. SonicWall NSM On-Prem suffers from an operating system command injection vulnerability that can be exploited by an attacke...
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup...
Design/Logic Flaw
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup...
OS Command Injection in falconchristmas/fpp
✍️ Description In https://github.com/FalconChristmas/fpp/blob/123cdf2eb11062766da333a7a4d85bc0bf620e47/www/runEventScript.phpL32 a command is built using unsanitized user input : php \n"; echo "\n"; system$SUDO . " $fppDir/scripts/eventScript $scriptDirectory/$script $args"; // scripts and args ar...
All in One SEO Pack < 4.1.0.2 - Admin RCE via unserialize
The plugin enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup .ini file in the section "Tool Import/Export". However, the plugin attempts to...
GravCMS Remote Command Execution
This module exploits arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify...
GravCMS 1.10.7 Remote Command Execution Exploit
This Metasploit module exploits an arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and...
China Mobile An Lianbao WF-1 router 操作系统命令注入漏洞
China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability, which originates in the api/ZRFirmware/settimezone set time zone interface, that can be exploited by remote attacker...
GravCMS 1.10.7 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GravCMS Remote Command Execution', 'Description' = %q This module exploits arbitrary config write/update vulnerability to achieve remote code...
VulnCheck KEV: CVE-2021-27104
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints...
CVE-2021-21425 Unauthenticated Arbitrary YAML Write/Update leads to Code Execution
Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of administrator controller without needing any credentials. Particular method execution will result in...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...
CVE-2020-29553
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website CSRF...
CVE-2020-29553
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website CSRF...
CVE-2020-29553
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website CSRF...
CVE-2020-13936
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache...
CVE-2020-13936
CVE-2020-13936 affects Apache Velocity, where modifying Velocity templates can bypass the sandbox and allow remote code execution with the container’s privileges. Engine versions affected include up to 2.2; IBM and related advisories flag this as a Velocity sandbox bypass leading to arbitrary cod...
CVE-2021-27878
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...