The vulnerability of the websGetVar function in the /goform/set_cmd file of the LB-LINK microprogramming router software allows a hacker to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/set command of the LB-LINK microprogramming device exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability can allow a malicious actor to gain full...

The vulnerability in the script /view/DBManage/Backup_Server_commit.php of the D-Link DAR-7000 and DAR-8000 router microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the /view/DBManage/BackupServercommit.php script of the D-Link DAR-7000 and DAR-8000 router microprogramming systems exists due to the failure to address the need to neutralize certain special elements used in the operating system commands. Exploiting this vulnerability allow...

The vulnerability of the msp_info.htm file on the D-Link DI-8100G network device allows a hacker to bypass security restrictions and execute arbitrary commands.

The vulnerability of the mspinfo.htm file on the D-Link DI-8100G network device is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to bypass security restrictions and execute arbitra...

The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite allows a perpetrator to execute arbitrary commands.

The vulnerability of the Postjournal Service in the corporate email management system Zimbra Collaboration Suite is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute...

The vulnerability of the displaySettings function in the Cacti network monitoring software allows a hacker to execute cross-site scripting.

The vulnerability of the displaySettings function in the Cacti network monitoring software relates to the failure to take measures to neutralize special elements. Exploiting this vulnerability can allow a malicious actor to execute cross-site scripting using forged cookie files...

The vulnerability of the formWriteFacMac function (/goform/WriteFacMac) in the Tenda AC10U router software, which allows a hacker to execute arbitrary commands.

The vulnerability of the formWriteFacMac function /goform/WriteFacMac in the Tenda AC10U router software relates to the failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

PT-2024-1934 · Zyxel · Zyxel Usg +1

Name of the Vulnerable Software and Affected Versions: Zyxel USG and Zyxel VPN affected versions not specified Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This can be exploited by a remote attacker to execute...

The vulnerability of the web application development framework web2py arises from the lack of measures taken to eliminate special elements used in the operating system’s command line. This allows attackers to execute arbitrary commands.

The vulnerability of the web2py web application development framework exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the JMSMessageConsumer component of the software for transmitting large volumes of streaming data via Apache Flume allows a attacker to execute arbitrary code.

The vulnerability of the JMSMessageConsumer component in the Apache Flume software for processing large volumes of streaming data exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the web interface and API of the Cisco Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands.

The vulnerability of the Cisco Application Policy Infrastructure Controller’s web interface and API exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...