313 matches found
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
F5-BIG-IP POC POC set written in Go language, targeting CVE-2...
PT-2022-20406 · Jenkins · Jenkins Wmi Windows Agents Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins WMI Windows Agents Plugin versions 1.8 and earlier Description: The Jenkins WMI Windows Agents Plugin includes the Windows Remote Command library, which does not implement access control. This potentially allows users to start process...
UBUNTU-CVE-2022-22941
An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisheracl, if a user configured in the publisheracl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid,...
UBUNTU-CVE-2022-24986
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands...
Elecom Edwrc Operating System Command Injection Vulnerability
The Elecom Edwrc is a series of routers from Elecom Japan. The Elecom Edwrc suffers from an operating system command injection vulnerability that originates from a network system or product not properly filtering specific elements of the data entered externally to the ELECOM router during the...
Apache Hadoop Yarn RPC Unauthorized Command Execution Vulnerability
Apache Hadoop is a distributed infrastructure. Apache Hadoop Yarn RPC Unauthorized Command Execution vulnerability can be exploited by attackers to gain control of the server...
Security Updates for Microsoft Office Web Apps (September 2021)
The Microsoft Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for th...
Care2x2.7 Alpha SQL Injection Vulnerability
Care2x2.7 Alpha is a software application, a hospital information management system. A SQL injection vulnerability exists in Care2x2.7 Alpha that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...
FortiMail Command Injection Vulnerability
Fortinet FortiMail is a set of e-mail security gateway products from the U.S. company Fortinet. The product provides e-mail security and data protection features. A security vulnerability exists in the FortiMail management interface before 6.4.4, which can be exploited by an attacker to execute...
Buffer overflow
Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically...
CVE-2021-26106
Fortinet FortiAP OS command injection (CVE-2021-26106) affects FortiAP console versions 6.4.1–6.4.5 and 6.2.4–6.2.5. The vulnerability is due to improper neutralization of special elements in an OS command, enabling an authenticated, local attacker to execute unauthorized commands by issuing the ...
Fortinet FortiAP Operating System Command Injection Vulnerability
Fortinet FortiAP is a controller for managing wireless access point devices from Fortinet, Inc. A security vulnerability exists in Fortinet FortiAP, which can be exploited by an attacker to execute unauthorized commands by running the kdbg CLI command with specially crafted parameters...
Cisco HyperFlex HX Unauthorized Command Injection Vulnerability (CVE-2021-1497 CVE-2021-1498)
CVE-2021-1497 and/or CVE-2021-1498 Command injection in the /storfs-asup endpoint’s token and mode parameters. Patch --- unpatched/web.xml 2021-05-17 19:06:17.000000000 -0500 +++ patched/web.xml 2021-05-17 19:06:23.000000000 -0500 @@ -69,17 +69,6 @@ - Springpath Storfs ASUP -...
CVE-2021-1303
CVE-2021-1303 concerns Cisco DNA Center. A vulnerability in the user management roles enforcement allows an authenticated attacker with an Observer role to execute commands on managed devices, potentially viewing diagnostic information. Several sources state this is an elevation of privilege in t...
CVE-2020-8539
Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable daemon, to trigger unintended functionalities. In addition, this executable may be used by an attacker t...
CVE-2020-8539
CVE-2020-8539 affects Kia Motors head units (SOP.003.30.18.0703, SOP.005.7.181019, SOP.007.1.191209). The vulnerability arises from an arbitrary command execution via the micomd daemon, enabling an attacker with local access to inject commands and generate CAN frames on the M-CAN multimedia bus. ...
CVE-2020-28212
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxure™ Control Expert now Unity Pro all versions that could cause unauthorized command execution when a brute force attack is done over Modbus...
Authentication flaw
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxure™ Control Expert now Unity Pro all versions that could cause unauthorized command execution when a brute force attack is done over Modbus...
Design/Logic Flaw
A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxure™ Control Expert now Unity Pro all versions that could cause unauthorized command execution when sending specially crafted requests over Modbus...
CVE-2020-28213
Across multiple sources, CVE-2020-28213 affects Schneider Electric EcoStruxure Control Expert (Unity Pro) PLC Simulator, with the flaw lying in downloading code without integrity checking via Modbus. The vulnerability allows unauthorized command execution on all versions, as reported in CVE recor...