Bewertung: 0 / 5
CAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP POST parameter in system.cgi page.
Read more...CAYIN SMP-xxxx suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP GET parameter in system.cgi and wizard_system.cgi pages.
Read more...Secure Computing SnapGear Management Console SG560 version 3.1.5 suffers from arbitrary file read and write vulnerabilities. The application allows the currently logged-in user to edit the configuration files in the system using the CGI executable edit_config_files in /cgi-bin/cgix/. The files[…]
Read more...This Metasploit module exploits a vulnerability found in Synology DiskStation Manager (DSM) versions prior to 5.2-5967-5, which allows the execution of arbitrary commands under root privileges after website authentication. The vulnerability is located in webman/modules/StorageManager/smart.cgi, which allows appending of a[…]
Read more...Ubuntu Security Notice 4356-1 - Jeriko One discovered that Squid incorrectly handled certain Edge Side Includes responses. A malicious remote server could cause Squid to crash, possibly poison the cache, or possibly execute arbitrary code. It was discovered that Squid[…]
Read more...This Metasploit module exploits an authenticated directory traversal vulnerability in Zen Load Balancer version 3.10.1. The flaw exists in index.cgi not properly handling the filelog= parameter which allows a malicious actor to load arbitrary file path.
Read more...D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.
Read more...This Metasploit module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.
Read more...The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.
Read more...Debian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform[…]
Read more...Ubuntu Security Notice 4059-1 - It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS[…]
Read more...The IDAL HTTP server CGI interface contains a URL, which allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. In the IDAL CGI interface, there is a URL (/cgi/loginDefaultUser), which will create a session in an[…]
Read more...Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since there is no watchdog on this daemon, a device reboot[…]
Read more...An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter.
Read more...An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
Read more...An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can[…]
Read more...An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a arbitrary setting writes, resulting in the unverified changes to any system setting. An attacker[…]
Read more...An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to,[…]
Read more...An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the[…]
Read more...An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password[…]
Read more...An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request[…]
Read more...This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading[…]
Read more...devolo dLAN 550 duo+ version 3.1.0-1 suffers from a remote code execution vulnerability. The devolo firmware has what seems to be a 'hidden' services which can be enabled by authenticated attacker via the the htmlmgr CGI script. This allows the[…]
Read more...This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field[…]
Read more...
