14 matches found
Yachtcontrol Webapplication 1.0 - Remote Command Injection
Yachtcontrol Webapplication 1.0 makes it possible to perform direct operating system commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers...
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
The vulnerability of the Yachtcontrol navigation software’s web servers allows a hacker to execute arbitrary code.
The vulnerability of the Yachtcontrol navigation software web server exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created page...
VulnCheck KEV: CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers...
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
Authentication flaw
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
CVE-2019-17270
CVE-2019-17270 affects Yachtcontrol Webapplication 1.0. It enables unauthenticated remote command execution via /pages/systemcall.php?command={COMMAND}, allowing arbitrary OS commands and exposure of command output on affected Yachtcontrol webservers exposed to Dutch GPRS/4G ranges. The issue ari...
CVE-2019-17270
Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command=COMMAND" page and parameter, where COMMAND will be executed and returning the results to the client. Affects Yachtcontrol webservers disclos...
Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution
Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Exploit Title: Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2019-12-06 Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Version: 1.0 Software Link:...
Unspecified vulnerability in Yachtcontrol
Yachtcontrol is a ship navigation system from the Dutch company Yachtcontrol. A security vulnerability exists in Yachtcontrol versions 2019-10-06 and earlier. An attacker could exploit the vulnerability to execute operating system commands...
Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution
Exploit Title: Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2019-12-06 Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Version: 1.0 Software Link: http://download.yachtcontrol.nl/klant/Software/ &...
Yachtcontrol 2019-10-06 Remote Code Execution
Exploit Title: Yachtcontrol Webapplication - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2019-12-06 Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Software Link: http://download.yachtcontrol.nl/klant/Software/ &...
Yachtcontrol 2019-10-06 Remote Code Execution Exploit #RCE
Exploit for windows platform in category remote exploits Exploit Title: Yachtcontrol Webapplication - Unauthenticated Remote Code Execution Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Software Link: http://download.yachtcontrol.nl/klant/Software/ &...