CVE-2019-25241 FaceSentry Access Control System 6.4.8 Remote SSH Root Access

FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication...

HPE VAN SDN Unauthenticated Remote Root Vulnerability

Vulnerability Details Affected Vendor: HP Enterprise Affected Product: VAN SDN Controller Affected Version: 2.7.18.0503 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials, CWE-20: Improper Input Validation Impact: Privilege Escalation Attack vector: HTTP 2...

pineapp mailsecure remote no authenticated privilege escalation & remote execution code

Hi, related this: http://seclists.org/fulldisclosure/2013/Nov/136 In February 2013 I send Pineapp the following information: ----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https...

PineApp MailSecure - Remote Command Execution Vulnerability

Exploit for linux platform in category remote exploits ----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https request, without authentication...

PineApp MailSecure - Remote Command Execution

----------------------------------------------------------------- It is possible execute any command bash as qmailq unprivilege user, sending only the following https request, without authentication...