Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a varie...

PT-2025-3387 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is related to an OS command injection vulnerability. This vulnerability can be exploited through the sHour parameter in the setWiFiScheduleCfg function. Recommendations: Fo...

CVE-2024-56497

An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 allows attacker to execute unauthorized code or...

CVE-2024-11864

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP...

CVE-2024-11984

The CVE-2024-11984 vulnerability affects the Corporate Training Management System, specifically the epaper draft function. It describes an unrestricted upload of files with dangerous types that lets remote authenticated users bypass upload restrictions and run arbitrary commands with SYSTEM privi...

Fortinet FortiManager 操作系统命令注入漏洞

Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify the deployment and management of multi-device...

Multiple vulnerabilities in SHARP routers

Overview SHARP routers contain multiple vulnerabilities listed below. OS command injection vulnerability in the HOST name configuration screen CWE-78 - CVE-2024-45721 The hidden debug function is enabled CWE-489 - CVE-2024-46873 Buffer overflow vulnerability in the hidden debug function CWE-120 -...

FXC AE1021和FXC AE1021PE 操作系统命令注入漏洞

FXC AE1021 and FXC AE1021PE are both products of FXC Corporation.FXC AE1021 is a panel wireless router with integrated RJ-45, RJ-11, and power ports.FXC AE1021PE is a wireless LAN router with support for information egress. An operating system command injection vulnerability exists in the FXC...

CVE-2024-28138

An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the "msgevents.php" script as the www-data user. The HTTP GET parameter "data" is not properly sanitized...

CVE-2024-28138

Summary of CVE-2024-28138 : An unauthenticated attacker with network access to the affected device’s web interface can execute arbitrary system commands via the image processing script (msg_events.php / msg events.php) because the HTTP GET parameter data is not properly sanitized. This allows com...

Lorex 2K Indoor Wi-Fi Security Camera: Multiple Vulnerabilities (FIXED)

The Lorex 2K Indoor Wi-Fi Security Camera is a consumer security device that provides cloud-based video camera surveillance capabilities. This device was a target at the 2024 Pwn2Own IoT competition. Rapid7 developed an unauthenticated remote code execution RCE exploit chain as an entry for the...

Asterisk AMI Originate Authenticated Remote Code Execution Exploit

On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originate may change all configuration files in the /etc/asterisk/ directory. Writing a new extension can be created which performs a system command to...

Asterisk AMI Originate Authenticated RCE

On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with 'write=originate' may change all configuration files in the '/etc/asterisk/' directory. Writing a new extension can be created which performs a system command to...

PT-2024-34567 · Totolink · Totolink-Cx-N150Rt +3

Name of the Vulnerable Software and Affected Versions: TOTOLINK-CX-A3002RU version 1.0.4-B20171106.1512 TOTOLINK-CX-N150RT version 2.1.6-B20171121.1002 TOTOLINK-CX-N300RT versions 2.1.6-B20170724.1420 through 2.1.8-B20191010.1107 TOTOLINK-CX-N302RE version 2.0.2-B20170511.1523 Description: A...

CVE-2024-50366

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

CVE-2024-50364

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The source of the vulnerability relies on...

mySCADA myPRO 操作系统命令注入漏洞

mySCADA myPRO is a professional HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO Manager, which can be exploited by an attacker to inject arbitrary operating system commands...

GHSA-49CC-XRJF-9QF7 SFTPGo allows administrators to restrict command execution from the EventManager

Impact One powerful feature of SFTPGo is the ability to have the EventManager execute scripts or run applications in response to certain events. This feature is very common in all software similar to SFTPGo and is generally unrestricted. However, any SFTPGo administrator with permission to run a...

CVE-2024-21786

An OS command injection vulnerability exists in the web interface configuration upload functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

PT-2024-22222 · Unknown · Mc Lr Router

Name of the Vulnerable Software and Affected Versions: MC LR Router version 2.10.5 Description: The issue concerns OS command injection vulnerabilities in the web interface I/O configuration functionality. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can...