FLIR AX8 versions 1.46.16 and below are vulnerable to remote command injection. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This vulnerability has been assigned CVE-2022-37061.
An authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager API allows unauthorized access to a selected account. By exploiting this vulnerability, an attacker can add an SSH key to the authorized_keys file of the chosen account, enabling them to log in to the system with that account. Successful exploitation can lead to remote code execution.
The Ethercreative Logs plugin for Craft CMS 3.0.3 allows authenticated users to perform a path traversal attack via the 'Logs' functionality. This vulnerability (CVE-2022-23409) enables an attacker to access arbitrary files on the file system with the permissions of the web service user by manipulating the requested log file.
Garage Management System 1.0 is vulnerable to stored XSS due to inadequate client-side validation. An attacker can manipulate a request using tools like Burp Suite to evade validation, leading to the injection of malicious scripts into the 'categoriesName' parameter. This can result in the execution of arbitrary scripts in the context of the user's browser.
Craft CMS Logs Plugin version 3.0.3 allows an authenticated attacker to perform path traversal by exploiting a lack of proper validation in the log file reading functionality. This can lead to unauthorized access to arbitrary files on the underlying file system with the permissions of the web service user. This has been assigned CVE-2022-23409.
The script aims to exploit a vulnerability in a cluster manager by searching for a specific 'Alias' parameter in the href attribute of HTML links. If the parameter is found, the script proceeds with the exploitation process. It uses BeautifulSoup to parse HTML content and the requests library to make HTTP requests. The vulnerability can potentially lead to information disclosure.
The exploit targets multiple Zyxel products with firmware versions 4.09 through 4.71, 4.50 through 5.21, 4.32 through 5.21, 4.30 through 5.21, 1.00 through 1.33 Patch 4, and various earlier versions. These vulnerabilities could be exploited by a local authenticated attacker to trigger a buffer overflow or system crash through a crafted payload. The exploit leverages format string bugs in the 'extension' argument of certain zysh commands to execute arbitrary code and escape the restricted shell environment.
DataCube3 version 1.0 allows attackers to perform remote code execution through an unrestricted file upload vulnerability. By exploiting this flaw, an attacker could upload malicious files to the server, leading to the execution of arbitrary code. This vulnerability has been assigned CVE-2024-25830 and CVE-2024-25832.
The exploit targets Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, and several other firmware versions. An authenticated attacker could exploit the improper input validation flaws in some CLI commands to cause a buffer overflow or system crash with a crafted payload.
The DataCube3 v1.0 software is affected by an unrestricted file upload vulnerability that can lead to remote code execution. An attacker can exploit this to upload malicious files to the server, potentially allowing them to execute arbitrary commands. This exploit also includes a reverse shell chain and information disclosure, such as leaking root passwords.