Search
Total
472 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1550 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2021-05-26 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2021-1555 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2021-05-26 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2021-1554 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2021-05-26 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2021-1553 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2021-05-26 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2021-1547 | 1 Cisco | 12 Wap125, Wap125 Firmware, Wap131 and 9 more | 2021-05-26 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device. | |||||
| CVE-2020-12967 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | |||||
| CVE-2021-26311 | 1 Amd | 65 Epyc 7232p, Epyc 7251, Epyc 7252 and 62 more | 2021-05-25 | 9.0 HIGH | 7.2 HIGH |
| In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor. | |||||
| CVE-2021-23012 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 11 more | 2021-05-24 | 7.2 HIGH | 8.2 HIGH |
| On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administrator" roles to execute arbitrary bash commands on BIG-IP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2020-13664 | 1 Drupal | 1 Drupal | 2021-05-14 | 9.3 HIGH | 8.8 HIGH |
| Arbitrary PHP code execution vulnerability in Drupal Core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this directory in place, an attacker could attempt to brute force a remote code execution vulnerability. Windows servers are most likely to be affected. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.1 versions prior to 9.0.1. | |||||
| CVE-2021-25166 | 1 Arubanetworks | 1 Airwave | 2021-05-03 | 6.5 MEDIUM | 8.8 HIGH |
| A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. | |||||
| CVE-2017-8411 | 1 Dlink | 2 Dcs-1130, Dcs-1130 Firmware | 2021-04-26 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request (to test if email credentials and hostname sent to the device work properly) result in being passed as commands to a "system" API in the function and thus result in command injection on the device. If the firmware version is dissected using binwalk tool, we obtain a cramfs-root archive which contains the filesystem set up on the device that contains all the binaries. The library "libmailutils.so" is the one that has the vulnerable function "sub_1FC4" that receives the values sent by the POST request. If we open this binary in IDA-pro we will notice that this follows an ARM little endian format. The function sub_1FC4 in IDA pro is identified to be receiving the values sent in the POST request and the value set in POST parameter "receiver1" is extracted in function "sub_15AC" which is then passed to the vulnerable system API call. The vulnerable library function is accessed in "cgibox" binary at address 0x00023BCC which calls the "Send_mail" function in "libmailutils.so" binary as shown below which results in the vulnerable POST parameter being passed to the library which results in the command injection issue. | |||||
| CVE-2020-27862 | 1 Dlink | 4 Dsl-2888a, Dsl-2888a Firmware, Dva-2800 and 1 more | 2021-04-23 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. When parsing the path parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-10911. | |||||
| CVE-2017-8413 | 1 Dlink | 4 Dcs-1100, Dcs-1100 Firmware, Dcs-1130 and 1 more | 2021-04-23 | 8.3 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon on UDP port 5978 which is called "dldps2121" and listens for broadcast packets sent on 255.255.255.255. This daemon handles custom D-Link UDP based protocol that allows D-Link mobile applications and desktop applications to discover D-Link devices on the local network. The binary processes the received UDP packets sent from any device in "main" function. One path in the function traverses towards a block of code that handles commands to be executed on the device. The custom protocol created by D-Link follows the following pattern: Packetlen, Type of packet; M=MAC address of device or broadcast; D=Device Type;C=base64 encoded command string;test=1111. If a packet is received with the packet type being "S" or 0x53 then the string passed in the "C" parameter is base64 decoded and then executed by passing into a System API. We can see at address 0x00009B44 that the string received in packet type subtracts 0x31 or "1" from the packet type and is compared against 0x22 or "double quotes". If that is the case, then the packet is sent towards the block of code that executes a command. Then the value stored in "C" parameter is extracted at address 0x0000A1B0. Finally, the string received is base 64 decoded and passed on to the system API at address 0x0000A2A8 as shown below. The same form of communication can be initiated by any process including an attacker process on the mobile phone or the desktop and this allows a third-party application on the device to execute commands on the device without any authentication by sending just 1 UDP packet with custom base64 encoding. | |||||
| CVE-2019-12786 | 1 Dlink | 2 Dir-818lw, Dir-818lw Firmware | 2021-04-23 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key. | |||||
| CVE-2021-28143 | 1 Dlink | 2 Dir-841, Dir-841 Firmware | 2021-04-23 | 7.7 HIGH | 8.0 HIGH |
| /jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute (under System Tools). | |||||
| CVE-2021-20527 | 1 Ibm | 1 Resilient | 2021-04-23 | 6.5 MEDIUM | 7.2 HIGH |
| IBM Resilient SOAR V38.0 could allow a privileged user to create create malicious scripts that could be executed as another user. IBM X-Force ID: 198759. | |||||
| CVE-2021-28144 | 1 Dlink | 2 Dir-3060, Dir-3060 Firmware | 2021-04-23 | 9.0 HIGH | 8.8 HIGH |
| prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely. | |||||
| CVE-2021-23380 | 1 Roar-pidusage Project | 1 Roar-pidusage | 2021-04-23 | 7.5 HIGH | 7.3 HIGH |
| This affects all versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | |||||
| CVE-2021-23348 | 1 Portprocesses Project | 1 Portprocesses | 2021-04-02 | 6.5 MEDIUM | 8.8 HIGH |
| This affects the package portprocesses before 1.0.5. If (attacker-controlled) user input is given to the killProcess function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | |||||
| CVE-2021-23363 | 1 Kill-by-port Project | 1 Kill-by-port | 2021-04-02 | 6.5 MEDIUM | 8.8 HIGH |
| This affects the package kill-by-port before 0.0.2. If (attacker-controlled) user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. | |||||
| CVE-2021-1443 | 1 Cisco | 1 Ios Xe | 2021-03-29 | 8.5 HIGH | 7.2 HIGH |
| A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are parsed from a specific configuration file. An attacker could exploit this vulnerability by tampering with a specific configuration file and then sending an API call. A successful exploit could allow the attacker to inject arbitrary code that would be executed on the underlying operating system of the affected device. To exploit this vulnerability, the attacker would need to have a privileged set of credentials to the device. | |||||
| CVE-2021-22864 | 1 Github | 1 Enterprise Server | 2021-03-26 | 6.5 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to override environment variables leading to code execution on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.3 and was fixed in 3.0.3, 2.22.9, and 2.21.17. This vulnerability was reported via the GitHub Bug Bounty program. | |||||
| CVE-2021-29070 | 1 Netgear | 10 Rbk852, Rbk852 Firmware, Rbk853 and 7 more | 2021-03-26 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-29069 | 1 Netgear | 6 Wnr2000v5, Wnr2000v5 Firmware, Xr450 and 3 more | 2021-03-26 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76. | |||||
| CVE-2021-23360 | 1 Killport Project | 1 Killport | 2021-03-26 | 6.5 MEDIUM | 8.8 HIGH |
| This affects the package killport before 1.0.2. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. Running this PoC will cause the command touch success to be executed, leading to the creation of a file called success. | |||||
| CVE-2021-27221 | 1 Mikrotik | 1 Routeros | 2021-03-26 | 8.5 HIGH | 8.1 HIGH |
| ** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or overwrite arbitrary .rsc files via the /export command. NOTE: the vendor's position is that this is intended behavior because of how user policies work. | |||||
| CVE-2020-27864 | 1 Dlink | 2 Dap-1860, Dap-1860 Firmware | 2021-03-25 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 firmware version 1.04B03 WiFi extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the Authorization request header, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-10880. | |||||
| CVE-2021-29072 | 1 Netgear | 10 Rbk852, Rbk852 Firmware, Rbk853 and 7 more | 2021-03-24 | 5.2 MEDIUM | 8.4 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12. | |||||
| CVE-2021-26962 | 1 Arubanetworks | 1 Airwave | 2021-03-11 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to full system compromise. | |||||
| CVE-2021-26681 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-03-01 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26683 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-27 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26684 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-27 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26680 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26679 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2020-7848 | 1 Iptime | 2 C200, C200 Firmware | 2021-02-18 | 7.7 HIGH | 8.0 HIGH |
| The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value. | |||||
| CVE-2021-21976 | 1 Vmware | 1 Vsphere Replication | 2021-02-17 | 6.5 MEDIUM | 7.2 HIGH |
| vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution. | |||||
| CVE-2021-26576 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2021-02-10 | 7.2 HIGH | 7.8 HIGH |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so uploadsshkey function. | |||||
| CVE-2021-25172 | 1 Hpe | 2 Apollo 70 System, Baseboard Management Controller | 2021-02-10 | 7.2 HIGH | 7.8 HIGH |
| The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function. | |||||
| CVE-2021-1317 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2021-02-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2021-1316 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2021-02-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2021-1315 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2021-02-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2021-1314 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2021-02-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2021-1318 | 1 Cisco | 12 Rv016 Multi-wan Vpn Router, Rv016 Multi-wan Vpn Router Firmware, Rv042 Dual Wan Vpn Router and 9 more | 2021-02-08 | 9.0 HIGH | 7.2 HIGH |
| Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on an affected device. | |||||
| CVE-2020-8101 | 1 Adt | 2 Lifeshield Diy Hd Video Doorbell, Lifeshield Diy Hd Video Doorbell Firmware | 2021-02-05 | 8.3 HIGH | 8.8 HIGH |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in HTTP interface of ADT LifeShield DIY HD Video Doorbell allows an attacker on the same network to execute commands on the device. This issue affects: ADT LifeShield DIY HD Video Doorbell version 1.0.02R09 and prior versions. | |||||
| CVE-2020-7384 | 1 Rapid7 | 1 Metasploit | 2021-02-03 | 9.3 HIGH | 7.8 HIGH |
| Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine. | |||||
| CVE-2021-3317 | 1 Klogserver | 1 Klog Server | 2021-02-01 | 6.5 MEDIUM | 8.8 HIGH |
| KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter. | |||||
| CVE-2021-1261 | 1 Cisco | 12 Sd-wan Firmware, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 9 more | 2021-01-29 | 7.2 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1260 | 1 Cisco | 12 Sd-wan Firmware, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 9 more | 2021-01-29 | 7.2 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1262 | 1 Cisco | 12 Sd-wan Firmware, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 9 more | 2021-01-29 | 7.2 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1263 | 1 Cisco | 12 Sd-wan Firmware, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 9 more | 2021-01-29 | 7.2 HIGH | 7.8 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||