An exploit that allows an attacker to remotely execute commands on an Aurba 501 device. By manipulating the 'ping_ip' parameter in a POST request, an attacker can inject arbitrary commands, leading to unauthorized access.
The exploit allows an attacker to reset the administrator password for HughesNet HT2000W Satellite Modem by taking advantage of CVE-2021-20090, a path traversal vulnerability in the HTTP daemon. The exploit also exploits other vulnerabilities like improper use of httokens for authentication and leaking the MD5 hash of the password.
The Elber ESE DVB-S/S2 Satellite Receiver 1.5.x devices are prone to an authentication bypass vulnerability due to unauthorized access to the password management function. By manipulating the set_pwd endpoint, attackers can change the password of any user, granting them unauthorized administrative access to critical parts of the application and compromising system security.
The vulnerability allows attackers to execute malicious scripts by embedding them in the filename of an image file uploaded as part of creating a new ticket in the HelpDeskZ software version 2.0.2. Successful exploitation can lead to compromise of the administration panel and execution of unauthorized scripts in the administrator's environment.
Calibre-web 0.6.21 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability. This allows an attacker to insert malicious scripts stored on the server and run in the context of another user's session. By exploiting this vulnerability, an attacker can execute arbitrary scripts in the victim's browser.
The Genexus Protection Server 9.7.2.10 is vulnerable to an unquoted service path issue, which could allow an attacker to escalate privileges on the system by placing a malicious executable in the path without quotes. This could lead to arbitrary code execution with elevated privileges.
The Oracle Database 12c Release 1 service 'OracleDBConsoleorcl' on Windows 10 Pro x64 has an unquoted service path, which can potentially allow an attacker to escalate privileges by placing a malicious executable in the unquoted path that is executed with elevated privileges. This vulnerability has been assigned CVE-ID: TBD.
The Ivanti vADC version 9.9 is susceptible to an authentication bypass vulnerability. By sending a crafted request to the wizard.fcgi endpoint with specific parameters, an attacker can create a new admin user without proper authentication, leading to unauthorized access to the system.
SolarWinds Kiwi Syslog Server 9.6.7.1 has an unquoted service path vulnerability, which could allow an attacker to escalate privileges by placing a malicious executable in the system path. This vulnerability has been assigned CVE-ID CVE-2024-XXXXX.
The Devika v1 application is vulnerable to a path traversal exploit via the 'snapshot_path' parameter. By manipulating the parameter, an attacker can traverse directories and access sensitive files such as /etc/passwd. This vulnerability has been assigned the CVE ID CVE-2024-40422.