Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:5 a.m.9 views

CVE-2019-13598

LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...

10CVSS8.2AI score0.04201EPSS
Exploits1References1
NVD
NVD
added 2019/08/23 4:15 a.m.20 views

CVE-2019-15498

cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via --output argument injection in the username parameter to /cgi-bin/cmh/webcam.sh...

9.3CVSS9.2AI score0.03442EPSS
Exploits1References1
NVD
NVD
added 2019/07/14 6:15 p.m.20 views

CVE-2019-13598

LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...

10CVSS9.9AI score0.04201EPSS
Exploits1References1
Prion
Prion
added 2019/07/14 6:15 p.m.21 views

Command injection

LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...

10CVSS9.8AI score0.04201EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/14 5:22 p.m.137 views

CVE-2019-13598

CVE-2019-13598 affects Vera Edge Home Controller (version 1.7.4452) via LuaUPnP. A remote, unauthenticated attacker can trigger arbitrary OS commands by passing the code parameter to /port_3480/data_request, because the expected safety check for unsafe Lua code is skipped. This is a remote code e...

10CVSS9.8AI score0.04201EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder