CVE-2024-7579

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os...

CVE-2024-7579 Alien Technology ALR-F800 File Name upgrade.cgi popen os command injection

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os...

Alien ALR-F800 操作系统命令注入漏洞

The Alien ALR-F800 is an RFID sensor from Alien. An operating system command injection vulnerability exists in the Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from an operating system command injection vulnerability contained in the uploadedFile parameter in the File Name...

Movable Type 4.2x / 4.3x Web Upgrade Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4 'Movable Type 4.2x, 4.3x Web Upgrade...

iDEFENSE Security Advisory 09.13.05: Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability

Linksys WRT54G 'upgrade.cgi' Firmware Upload Design Error Vulnerability iDEFENSE Security Advisory 09.13.05 www.idefense.com/application/poi/display?id=307&type=vulnerabilities September 13, 2005 I. BACKGROUND The Linksys WRT54G is a combination wireless access point, switch and router. More...