6 matches found
EUVD-2019-18883
Malware in sbrugna...
Vertiv Avocent UMG-4000 Web Interface Cross-Site Scripting Vulnerability (CNVD-2020-25873)
The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. A cross-site scripting vulnerability exists in the web interface of the Vertiv Avocent UMG-40...
Vertiv Avocent UMG-4000 Web Interface OS Command Injection Vulnerability
The Vertiv Avocent UMG-4000 is a Universal Management Gateway appliance from Vertiv Technologies Vertiv. It supports real-time management, monitoring, access and control of IT devices and infrastructure. An operating system command injection vulnerability exists in the web interface of the Vertiv...
Cross site scripting
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user accou...
Command injection
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command injection because the application incorrectly neutralizes code syntax before executing. Since all commands within the web application are executed as root, this could allow a remote attacker authenticated...
CVE-2019-9509 The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected cross site scripting
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user accou...