![]() A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting in command execution. An attacker can simply send an HTTP request to the device to trigger this vulnerability.Īn exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting in command injection. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request.Īn exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.Īn exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. ![]() ![]() This vulnerability is distinct from CVE-2016-9031. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. ![]() An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |