CVE-2025-11534

The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials...

Asterisk 操作系统命令注入漏洞

Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from an operating system command injection vulnerability that stems from a clipermissions.conf configuration failure, which could lead to...

PT-2021-17778 · Hongdian · Hongdian H8922

Name of the Vulnerable Software and Affected Versions: Hongdian H8922 version 3.0.5 Description: The issue concerns an undocumented feature in the affected device, allowing unauthorized access to a shell with superuser privileges. This access is facilitated through the telnet service on port 5188...

CVE-2020-5855

When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user...

FreeBSD : asterisk -- multiple vulnerabilities (f109b02f-f5a4-11e3-82e9-00a098b18457)

The Asterisk project reports : Asterisk Manager User Unauthorized Shell Access. Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is...

AST-2014-006: Asterisk Manager User Unauthorized Shell Access

Asterisk Project Security Advisory - AST-2014-006 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On April 9, 2014 Reported By Corey Farrell...

asterisk -- multiple vulnerabilities

The Asterisk project reports: Asterisk Manager User Unauthorized Shell Access. Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is...

AST-2012-012: Asterisk Manager User Unauthorized Shell Access

Asterisk Project Security Advisory - AST-2012-012 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On July 13, 2012 Reported By Zubair Ashraf of...

FreeBSD : asterisk -- multiple vulnerabilities (1c5abbe2-8d7f-11e1-a374-14dae9ebcf89)

Asterisk project reports : Remote Crash Vulnerability in SIP Channel Driver Heap Buffer Overflow in Skinny Channel Driver Asterisk Manager User Unauthorized Shell Access %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

asterisk -- multiple vulnerabilities

Asterisk project reports: Remote Crash Vulnerability in SIP Channel Driver Heap Buffer Overflow in Skinny Channel Driver Asterisk Manager User Unauthorized Shell Access...

OpenSSH: sftp & bypassing keypair auth restrictions

OpenSSH: sftp-server & bypassing keypair auth restrictions Summary: If you 1 are using keypairs and /.ssh/authorizedkeys2 to enable remote execution of commands via OpenSSH's sshd and 2 have sshd configured to provide sftp service via the sftp-server subsystem, then clients who have access with...