CVE-2025-34103

An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware versions prior to 2.2.3.0, due to improper input handling in the undocumented /cgi-bin/rdfs.cgi endpoint. The Client parameter is not sanitized before being passed to a system call, allowing an unauthenticat...

PT-2019-16983 · Ibm · Ibm Pureapplication System

Name of the Vulnerable Software and Affected Versions: IBM PureApplication System versions 2.2.3.0 through 2.2.5.3 Description: The issue makes it easier for attackers to compromise user accounts due to a lack of strong password requirements by default. Recommendations: For versions 2.2.3.0 throu...

SUSE-SU-2017:3029-1 Security update for ansible and monasca-installer

This update for ansible provides version 2.2.3.0 and fixes the following security issues: - CVE-2017-7481: Data for lookup plugins used as variables was not being marked as 'unsafe' and could lead to unintentional disclosure of information. bsc1038785 - CVE-2016-9587: Prevent compromised host to...

WePresent WiPG-1000 - Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'WePresent WiPG-1000 Command Injection', 'Description' = %q This module exploits a command injection vulnerability in an...