p4 操作系统命令注入漏洞

p4 is a small utility library for working with Perforce by the individual developer Nate Long. An operating system command injection vulnerability exists in versions prior to p4 0.0.7, which stems from incorrect input cleanup, and a command injection vulnerability via the run function...

CVE-2022-44606

OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings...

Snyk CLI 操作系统命令注入漏洞

Snyk CLI is a build-time tool from Snyk USA for finding and fixing known vulnerabilities in your project. Snyk CLI before 1.1064.0, snyk-mvn-plugin before 2.31.3, snyk-gradle-plugin before 3.24.5, snyk-cocoapods-plugin before 2.5.3, snyk-sbt-plugin before 2.16.2 versions, snyk-python-plugin befor...

多款Sapido产品操作系统命令注入漏洞

Sapido BR270n and others are a wireless router from Sapido. A security vulnerability exists in Sapido BR270n, BRC76n, GR297, RB1732. An attacker could exploit this vulnerability to perform os command injection attacks...

Microsoft Azure 操作系统命令注入漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft Azure CLI versions prior to 2.40.0, which originates from a host running Azure CLI commands where the parameter...

XXL-JOB 操作系统命令注入漏洞

XXL-JOB is a distributed task scheduling platform based on java language from XU Xueli XXL-JOB community. XXL-JOB version 2.2.0 suffers from an operating system command injection vulnerability, which stems from a command execution vulnerability in a background task...

PT-2022-6313 · Dell · Dell Container Storage Modules

Name of the Vulnerable Software and Affected Versions: Dell Container Storage Modules version 1.2 Description: The issue is related to an OS Command Injection in the goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this, leading to modification of intended OS command...

Hitachi RAID Manager SRA 操作系统命令注入漏洞

Hitachi RAID Manager SRA is a storage replication adapter software from Hitachi, Japan. A security vulnerability exists in Hitachi RAID Manager Storage Replication Adapter that originates from it allowing remote authenticated users to execute arbitrary OS commands via OS command injection...

RPi-Jukebox-RFID 操作系统命令注入漏洞

RPi-Jukebox-RFID is a contactless jukebox for the Raspberry Pi from the individual developers at Micz Flor in Germany. It plays audio files, playlists, podcasts, web streams and spotify triggered by the RFID card. An operating system command injection vulnerability exists in RPi-Jukebox-RFID...

Microsoft VSCode Extension 操作系统命令注入漏洞

Microsoft VSCode Extension is an extension for VSCode from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft VSCode Extension vscode-gitops-tools versions 0.7.0 through 0.20.2, which originates from a specially crafted Flux object in the context of...

TCL LinkHub Mesh Wi-Fi 操作系统命令注入漏洞

TCL LinkHub Mesh Wi-Fi is a router from TCL. An OS command injection vulnerability exists in TCL LinkHub Mesh Wi-Fi MS1G0001.0014 version, which stems from an os command injection vulnerability in the confsrv ucloudaddnewnode function. An attacker could exploit this vulnerability by sending...

Dell EMC PowerStore 操作系统命令注入漏洞

Dell EMC PowerStore is a storage device from Dell, Inc. A security vulnerability exists in Dell EMC PowerStore versions prior to 3.0.0.0, which stems from an operating system command injection vulnerability contained in the PowerStore T environment, which could be exploited by a...

mailcow 操作系统命令注入漏洞

mailcow is a mail server suite. An operating system command injection vulnerability exists in versions prior to mailcow 2022-06a that originates from the ability to execute arbitrary code by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutno...

Fortinet FortiManager和FortiAnalyzer 操作系统命令注入漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products from Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains...

Marval MSM 操作系统命令注入漏洞

Marval MSM is an innovative IT service management software from Marval UK. A security vulnerability exists in Marval MSM version v14.19.0.12476, which stems from insecure handling of VBScript, resulting in vulnerability to operating system command injection...

CVE-2022-30329

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...

CVE-2022-30329

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary shell commands...

Google-it 操作系统命令注入漏洞

Google-it is a simple library for converting Google search results to JSON output, and will soon offer interactive display options. A security vulnerability exists in Google-it version 1.6.2 and earlier, which stems from the fact that it allows its users to send a search query to Google and recei...

CVE-2022-29539

resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...

InHand Networks InRouter302 操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.37 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...