5.4CVSS
5.5AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.091EPSS
conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).
7.5CVSS
7.9AI Score
0.03EPSS
An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board.
6.1CVSS
5.9AI Score
0.003EPSS
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user.
7.8CVSS
7.6AI Score
0.0004EPSS