Ruby on Rails local names command execution

Added: 07/29/2020 CVE: CVE-2020-8163 Background Ruby on Rails is a web application framework written in Ruby. Problem Rails applications that allow users to control the names of local variable are affected by a vulnerability that could allow a remote attacker to execute arbitrary commands...

Ruby on Rails local names command execution

Added: 07/29/2020 CVE: CVE-2020-8163 Background Ruby on Rails is a web application framework written in Ruby. Problem Rails applications that allow users to control the names of local variable are affected by a vulnerability that could allow a remote attacker to execute arbitrary commands...

Ruby on Rails local names command execution

Added: 07/29/2020 CVE: CVE-2020-8163 Background Ruby on Rails is a web application framework written in Ruby. Problem Rails applications that allow users to control the names of local variable are affected by a vulnerability that could allow a remote attacker to execute arbitrary commands...

Netgear R7000 Router remote command execution

Added: 07/01/2020 Background Netgear R7000 is a line of wireless routers. Problem A vulnerability in the web interface could allow unauthenticated attackers to execute arbitrary commands on the device. Resolution Disable access to the web interface from the public network. References Platforms...

Netgear R7000 Router remote command execution

Added: 07/01/2020 Background Netgear R7000 is a line of wireless routers. Problem A vulnerability in the web interface could allow unauthenticated attackers to execute arbitrary commands on the device. Resolution Disable access to the web interface from the public network. References...

Netgear R7000 Router remote command execution

Added: 07/01/2020 Background Netgear R7000 is a line of wireless routers. Problem A vulnerability in the web interface could allow unauthenticated attackers to execute arbitrary commands on the device. Resolution Disable access to the web interface from the public network. References...

Oracle WebLogic Server BadAttributeValueExpException deserialization

Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...

Oracle WebLogic Server BadAttributeValueExpException deserialization

Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...

Oracle WebLogic Server BadAttributeValueExpException deserialization

Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

netkit telnetd nextitem vulnerability

Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...

netkit telnetd nextitem vulnerability

Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...

netkit telnetd nextitem vulnerability

Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

Microsoft SharePoint Picker.aspx deserialization vulnerability

Added: 03/03/2020 CVE: CVE-2019-0604 BID: 106914 Background Microsoft SharePoint is a tool for management and automation of business processes, as well as a platform for social networking. Problem A deserialization vulnerability in Microsoft SharePoint allows remote attackers to execute arbitrary...

Moxa AWK-3131A iw_console privilege escalation vulnerability

Added: 02/27/2020 CVE: CVE-2019-5136 Background Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device. Problem A privilege escalation vulnerability exists in the iwconsole functionality where a specially crafted menu selection string can cause an escape from the restricted consol...

Moxa AWK-3131A iw_console privilege escalation vulnerability

Added: 02/27/2020 CVE: CVE-2019-5136 Background Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device. Problem A privilege escalation vulnerability exists in the iwconsole functionality where a specially crafted menu selection string can cause an escape from the restricted consol...

Moxa AWK-3131A iw_console privilege escalation vulnerability

Added: 02/27/2020 CVE: CVE-2019-5136 Background Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device. Problem A privilege escalation vulnerability exists in the iwconsole functionality where a specially crafted menu selection string can cause an escape from the restricted consol...

OpenSMTPD MAIL FROM command injection

Added: 02/10/2020 CVE: CVE-2020-7247 Background OpenSMTPD is a free SMTP implementation. It comes with the OpenBSD operating system but is also available for other platforms. Problem The smtpmailaddr function does not properly sanitize user input, allowing remote attackers to inject arbitrary...

OpenSMTPD MAIL FROM command injection

Added: 02/10/2020 CVE: CVE-2020-7247 Background OpenSMTPD is a free SMTP implementation. It comes with the OpenBSD operating system but is also available for other platforms. Problem The smtpmailaddr function does not properly sanitize user input, allowing remote attackers to inject arbitrary...

OpenSMTPD MAIL FROM command injection

Added: 02/10/2020 CVE: CVE-2020-7247 Background OpenSMTPD is a free SMTP implementation. It comes with the OpenBSD operating system but is also available for other platforms. Problem The smtpmailaddr function does not properly sanitize user input, allowing remote attackers to inject arbitrary...

Citrix ADC and Gateway directory traversal and XML file upload

Added: 01/13/2020 Background Citrix ADC formerly NetScaler ADC is an application delivery and load balancing platform. Citrix Gateway formerly NetScaler Unified Gateway is a secure workspace access and single sign-on solution. Problem A directory traversal vulnerability allows remote attackers to...

Citrix ADC and Gateway directory traversal and XML file upload

Added: 01/13/2020 Background Citrix ADC formerly NetScaler ADC is an application delivery and load balancing platform. Citrix Gateway formerly NetScaler Unified Gateway is a secure workspace access and single sign-on solution. Problem A directory traversal vulnerability allows remote attackers to...

Citrix ADC and Gateway directory traversal and XML file upload

Added: 01/13/2020 Background Citrix ADC formerly NetScaler ADC is an application delivery and load balancing platform. Citrix Gateway formerly NetScaler Unified Gateway is a secure workspace access and single sign-on solution. Problem A directory traversal vulnerability allows remote attackers to...

Alcatel OmniVista remote command execution

Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...

Alcatel OmniVista remote command execution

Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...

Alcatel OmniVista remote command execution

Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...

Revive Adserver deserialization vulnerability

Added: 12/16/2019 CVE: CVE-2019-5434 Background Revive Adserver is a free, open source ad serving system. Problem A deserialization vulnerability in Revive Adserver allows remote attackers to execute arbitrary commands injected into the what parameter of the openads.spc RPC method of adxmlrpc.php...

Revive Adserver deserialization vulnerability

Added: 12/16/2019 CVE: CVE-2019-5434 Background Revive Adserver is a free, open source ad serving system. Problem A deserialization vulnerability in Revive Adserver allows remote attackers to execute arbitrary commands injected into the what parameter of the openads.spc RPC method of adxmlrpc.php...

Revive Adserver deserialization vulnerability

Added: 12/16/2019 CVE: CVE-2019-5434 Background Revive Adserver is a free, open source ad serving system. Problem A deserialization vulnerability in Revive Adserver allows remote attackers to execute arbitrary commands injected into the what parameter of the openads.spc RPC method of adxmlrpc.php...

Cisco Prime Infrastructure Health Monitor tar file directory traversal

Added: 11/25/2019 CVE: CVE-2019-1821 BID: 108339 Background Cisco Prime Infrastructure is a management system of wireless and wired networks. Problem A vulnerability in Cisco Prime Infrastructure Health Monitor allows a remote attacker to execute arbitrary commands by uploading a specially crafte...

Cisco Prime Infrastructure Health Monitor tar file directory traversal

Added: 11/25/2019 CVE: CVE-2019-1821 BID: 108339 Background Cisco Prime Infrastructure is a management system of wireless and wired networks. Problem A vulnerability in Cisco Prime Infrastructure Health Monitor allows a remote attacker to execute arbitrary commands by uploading a specially crafte...

Cisco Prime Infrastructure Health Monitor tar file directory traversal

Added: 11/25/2019 CVE: CVE-2019-1821 BID: 108339 Background Cisco Prime Infrastructure is a management system of wireless and wired networks. Problem A vulnerability in Cisco Prime Infrastructure Health Monitor allows a remote attacker to execute arbitrary commands by uploading a specially crafte...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

vBulletin remote command execution via the widgetConfig[code] parameter

Added: 09/27/2019 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem vBulletin allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request. Resolution Upgrade vBulletin to version higher th...

vBulletin remote command execution via the widgetConfig[code] parameter

Added: 09/27/2019 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem vBulletin allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request. Resolution Upgrade vBulletin to version higher th...

vBulletin remote command execution via the widgetConfig[code] parameter

Added: 09/27/2019 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem vBulletin allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request. Resolution Upgrade vBulletin to version higher th...

Cisco UCS Director authentication bypass and command injection

Added: 09/13/2019 CVE: CVE-2019-1937 Background Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Problem An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...

Cisco UCS Director authentication bypass and command injection

Added: 09/13/2019 CVE: CVE-2019-1937 Background Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Problem An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...

Cisco UCS Director authentication bypass and command injection

Added: 09/13/2019 CVE: CVE-2019-1937 Background Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS. Problem An authentication bypass vulnerability in the ClientServlet allows unauthenticated users to gain an administrative session. Furthermore, a...

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

Webmin password_change.cgi backdoor

Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...

Citrix SD-WAN Appliance SQL and command injection

Added: 07/26/2019 Background Citrix Software-defined wide-area network SD-WAN is a service that grants the enterprise with the ability to dynamically connect branch offices and data centers on a global scale. Problem Citrix SD-WAN 10.1.x and 10.2.x before 10.2.3 allow unauthenticated SQL injectio...

Citrix SD-WAN Appliance SQL and command injection

Added: 07/26/2019 Background Citrix Software-defined wide-area network SD-WAN is a service that grants the enterprise with the ability to dynamically connect branch offices and data centers on a global scale. Problem Citrix SD-WAN 10.1.x and 10.2.x before 10.2.3 allow unauthenticated SQL injectio...