ABB Cylon Aspect version 3.07.02 uses a weak set of default administrative credentials that can be guessed in remote password attacks and used to gain full control of the system.
abdeff4284c7fe44c3e55417d31b7d1ca3841538897dfe4c0808b510db1dacc3ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the MODEM HTTP POST parameter called by the dialupSwitch.php script.
a4086eec7a5ee5c9db9cd5f10469f947a7061c1d4d1d322d7820c84737b04b5eABB Cylon Aspect version 3.07.02 suffers from a vulnerability that allows an unauthenticated attacker to enable or disable the SSH daemon by sending a POST request to sshUpdate.php with a simple JSON payload. This can be exploited to start the SSH service on the remote host without proper authentication, potentially enabling unauthorized access or stop and deny service access.
b3763bcb69fec8fa8456518bda4905438794f1034a56b68246980d06fc740b58TerraMaster TOS version 4.2.29 suffers from a remote code injection vulnerability leveraging a local file inclusion vulnerability.
47788fafaa57a0578fe61fae3aba9174fdcd4e9caddb1374b93de92e53260e4aSolarView Compact version 6.00 suffers from a PHP code injection vulnerability.
afb7c824b8a452a7e349a92945e4f923c65efb017c72b8f15dc3710d87d468e4Openfire version 4.8.0 suffers from authentication bypass and code injection vulnerabilities.
eefc137002c1066cce87682437ffa243da616e4655906ff7e940a9880c1521faMagnusBilling version 6.x suffers from a PHP code injection vulnerability.
8afee02e52dfc7e60f0795a499d4d51a65da1ef81b17761aba9000d194ee19beKafka UI version 0.7.1 suffers from a remote code injection vulnerability.
f6954aa312113773c4c6cf140221ca2fecef7f97142ccba843f932cb4517b4e9GL.iNet version 4.4.3 suffers from authentication bypass and code injection vulnerabilities.
c0bd892d4ce8d30e3432ddef1187ae27e61ca1614db2d2530154b6a6e003a28cGibbon School Platform version 26.0.00 suffers from a PHP code injection vulnerability.
e4e57257a6af48db80f9631152fb25298130f59964899699bca602c17cfd7836Craft CMS version 4.4.14 suffers from a PHP code injection vulnerability.
1f149768386bf46995caf4d51e649f8b66d41ec64b6663664584c8357eb34ffbChamilo version 1.11.18 suffers from a PHP code injection vulnerability.
96e2fd6800e4eae0de444f883558a648f96062c2ef4ccf1b635571eb64c66ddeArtica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.
c1517d7efd5b58efb0947f3e574c94e4dff36e9127ec54ebd5658e96d60b3efbABB Cylon Aspect version 3.08.01 has a directory traversal vulnerability that can be exploited by an unauthenticated attacker to list the contents of arbitrary directories without reading file contents, leading to information disclosure of directory structures and filenames. This may expose sensitive system details, aiding in further attacks. The issue lies in the listFiles() function of the persistenceManagerAjax.php script, which calls PHP's readdir() function without proper input validation of the directory POST parameter.
6fe5412f92cf9da09187b01562243fec9b9cf0b1251cbfd3a890fd1a773702c5Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability.
bdf5f12114d9810353407e9bf2aa69dff68a900d64bc056a6fe658b1f27ea756Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to use-after-free conditions.
66f3d20525ff0676542d2ca32e25362978413e0665982d4a600608e52b0a2fcfThere is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.
2e6ee0c003e7075d02a19941dea59ff9838200ead28039478bb67d1a365c5bdcABB Cylon Aspect version 3.08.01 suffers from an arbitrary file deletion vulnerability. Input passed to the file parameter in calendarFileDelete.php is not properly sanitized before being used to delete calendar files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using directory traversal sequences passed within the affected POST parameter.
af2f7d68963611fa4772fa49e8fd86c81c3df85b1983689743ab1d4ffc0561a5The Top module for PHP-Nuke versions 6.x and below 7.6 suffers from a remote SQL injection vulnerability.
3a92ffde9b535fb265d6a04a22334f353b0ca9559e82557ef8693c270d32986fGenGravSSTIExploit is a proof of concept Python script that exploits an authenticated server-side template injection (SSTI) vulnerability in Grav CMS versions 1.7.44 and below. This vulnerability allows a user with editor permissions to execute OS commands on a remote server.
320840a574bd1e39d76e644a70206a220bf7e080390462bcc9fbdf69d6cd628aThis script exploits the issue noted in CVE-2024-45409 that allows an unauthenticated attacker with access to any signed SAML document issued by the IDP to forge a SAML Response/Assertion and gain access as any user on GitLab. Ruby-SAML versions below or equal to 12.2 and versions 1.13.0 through 1.16.0 do not properly verify the signature of the SAML Response.
d08713f2b53b8375bee1c935a8aa40df427334d91a9660f64086fe0c225c0c55This is a thorough write up of how to exploit a local privilege escalation vulnerability in iTunes for Windows version 12.13.2.3. Apple fixed this in version 12.13.3.
d695b4f1b1028346552105f4ee8239edee8add156e7b797895b5d5337070f75fABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the SYSLOG HTTP POST parameter called by the syslogSwitch.php script.
bd108fa7ce900744b1676f5426423c1034cfcf86df1a6c72f006197b3c7c4616ABB Cylon Aspect versions 3.08.01 and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the Footer HTTP POST parameter called by the caldavUtil.php script.
8a578a88dc628bdf9030f24dfeb5efed5a2916122d7b2c6617ee5215c5c7a0d4ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the timeserver HTTP POST parameter called by the setTimeServer.php script.
7a951ff7fa25dce192577e79009a2ecc161d07c5d3e93a4698034aee54606ea7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed