40 matches found
CVE-2025-67041
An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the original command and execute an arbitrary one with root privileges...
CVE-2025-67041
CVE-2025-67041 affects Lantronix EDS3000PS (3.1.0.0R2). The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized, enabling an attacker to escape the original command and execute arbitrary commands with root privileges. The vulnerability is rated CVSS v3.1 bas...
EUVD-2004-1479
Malware in sbrugna...
EUVD-2013-2944
Malware in sbrugna...
EUVD-2021-21678
Malware in sbrugna...
EUVD-2021-29715
Malicious code in bioql PyPI...
CVE-2021-35031
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...
Fortinet FortiWeb Buffer overflow in TFTP client library of CLI (FG-IR-21-173)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-173 advisory. - A buffer overflow CWE-121 in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an...
Fortinet Fortigate Buffer overflow in TFTP client library of CLI (FG-IR-21-173)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-173 advisory. - A buffer overflow CWE-121 in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an...
Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2022-08470)
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...
ZyXEL GS1900 Access Control Error Vulnerability
Zyxel ZyXEL GS1900 is a managed switch from Zyxel Taiwan, China. An Access Control Error vulnerability exists in multiple Zyxel products, which stems from the product's TFTP client not adding privilege controls to the functions that can execute system commands. The vulnerability can be exploited ...
CVE-2021-35031
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...
Design/Logic Flaw
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device...
CVE-2021-35031
The CVE-2021-35031 issue affects Zyxel GS1900 series firmware and XGS1210/XGS1250 series firmware, where the TFTP client component does not enforce privilege controls for functions that can run system commands. This enables an authenticated LAN user to execute arbitrary OS commands via the device...
ZyXEL GS1900 操作系统命令注入漏洞
Zyxel ZyXEL GS1900 is a managed switch from Zyxel Taiwan, China. An Access Control Error vulnerability exists in multiple Zyxel products, which stems from the product's TFTP client not adding privilege controls to the functions that can execute system commands. The vulnerability can be exploited ...
CVE-2021-42757
A buffer overflow CWE-121 in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments...
Buffer overflow
A buffer overflow CWE-121 in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments...
CVE-2021-42757
FortiOS contains a buffer overflow (CWE-121) in the TFTP client library. CVE-2021-42757 affects FortiOS versions prior to 6.4.7 and 7.0.0–7.0.2, enabling a locally authenticated attacker to execute arbitrary code via crafted CLI arguments. The vulnerability is documented in Fortinet’s FG-IR-21-17...
Protect
A buffer overflow CWE-121 in the TFTP client library of FortiOS, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments...
PT-2021-6860 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 6.4.7 FortiOS versions 7.0.0 through 7.0.2 Description: A buffer overflow in the TFTP client library may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line...