Total
2296 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-2373 | 1 Ui | 3 Edgemax Edgerouter Firmware, Er-x, Er-x-sfp | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Management Interface. The manipulation of the argument ecn-up leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227649 was assigned to this vulnerability. | |||||
| CVE-2023-29799 | 1 Totolink | 2 X18, X18 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function. | |||||
| CVE-2023-28935 | 1 Apache | 1 Unstructured Information Management Architecture | 2024-11-21 | N/A | 8.8 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" (DUCC) module of Apache UIMA, an authenticated user that has the permissions to modify core entities can cause command execution as the system user that runs the web process. As the "Distributed UIMA Cluster Computing" module for UIMA is retired, we do not plan to release a fix for this issue. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-28854 | 1 Nophp Project | 1 Nophp | 2024-11-21 | N/A | 8.0 HIGH |
| nophp is a PHP web framework. Prior to version 0.0.1, nophp is vulnerable to shell command injection on httpd user. A patch was made available at commit e5409aa2d441789cbb35f6b119bef97ecc3986aa on 2023-03-30. Users should update index.php to 2023-03-30 or later or, as a workaround, add a function such as `env_patchsample230330.php` to env.php. | |||||
| CVE-2023-28832 | 1 Siemens | 4 6gk1411-1ac00, 6gk1411-1ac00 Firmware, 6gk1411-5ac00 and 1 more | 2024-11-21 | N/A | 7.2 HIGH |
| A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The web based management of affected devices does not properly validate user input, making it susceptible to command injection. This could allow an authenticated privileged remote attacker to execute arbitrary code with root privileges. | |||||
| CVE-2023-28712 | 1 Propumpservice | 2 Osprey Pump Controller, Osprey Pump Controller Firmware | 2024-11-21 | N/A | 8.2 HIGH |
| Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions. | |||||
| CVE-2023-28489 | 1 Siemens | 4 Cp-8031, Cp-8031 Firmware, Cp-8050 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device. | |||||
| CVE-2023-28460 | 1 Arraynetworks | 21 Apv10650, Apv11600, Apv1600 and 18 more | 2024-11-21 | N/A | 7.2 HIGH |
| A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer. | |||||
| CVE-2023-28430 | 1 Onesignal | 1 React-native-onesignal | 2024-11-21 | N/A | 7.3 HIGH |
| OneSignal is an email, sms, push notification, and in-app message service for mobile apps.The Zapier.yml workflow is triggered on issues (types: [closed]) (i.e., when an Issue is closed). The workflow starts with full write-permissions GitHub repository token since the default workflow permissions on Organization/Repository level are set to read-write. This workflow runs the following step with data controlled by the comment `(${{ github.event.issue.title }} – the full title of the Issue)`, allowing an attacker to take over the GitHub Runner and run custom commands, potentially stealing any secret (if used), or altering the repository. This issue was found with CodeQL using javascript’s Expression injection in Actions query. This issue has been addressed in the repositories github action. No actions are required by users. This issue is also tracked as `GHSL-2023-051`. | |||||
| CVE-2023-28425 | 1 Redis | 1 Redis | 2024-11-21 | N/A | 5.5 MEDIUM |
| Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. | |||||
| CVE-2023-28130 | 1 Checkpoint | 1 Gaia Portal | 2024-11-21 | N/A | 7.2 HIGH |
| Local user may lead to privilege escalation using Gaia Portal hostnames page. | |||||
| CVE-2023-28110 | 1 Fit2cloud | 2 Jumpserver, Koko | 2024-11-21 | N/A | 5.7 MEDIUM |
| Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the execution of dangerous commands that may disrupt the Koko container environment and affect normal usage. The vulnerability has been fixed in v2.28.8. | |||||
| CVE-2023-28012 | 1 Hcltech | 1 Bigfix Mobile | 2024-11-21 | N/A | 5.4 MEDIUM |
| HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server. | |||||
| CVE-2023-27796 | 1 Ruijienetworks | 6 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1800gx Pro and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
| RG-EW1200G PRO Wireless Routers EW_3.0(1)B11P204, RG-EW1800GX PRO Wireless Routers EW_3.0(1)B11P204, and RG-EW3200GX PRO Wireless Routers EW_3.0(1)B11P204 were discovered to contain multiple command injection vulnerabilities via the data.ip, data.protocal, data.iface and data.package parameters in the runPackDiagnose function of diagnose.lua. | |||||
| CVE-2023-27581 | 1 Github-slug-action Project | 1 Github-slug-action | 2024-11-21 | N/A | 8.8 HIGH |
| github-slug-action is a GitHub Action to expose slug value of GitHub environment variables inside of one's GitHub workflow. Starting in version 4.0.0` and prior to version 4.4.1, this action uses the `github.head_ref` parameter in an insecure way. This vulnerability can be triggered by any user on GitHub on any workflow using the action on pull requests. They just need to create a pull request with a branch name, which can contain the attack payload. This can be used to execute code on the GitHub runners and to exfiltrate any secrets one uses in the CI pipeline. A patched action is available in version 4.4.1. No workaround is available. | |||||
| CVE-2023-27407 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2024-11-21 | N/A | 9.9 CRITICAL |
| A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based management of affected device does not properly validate user input, making it susceptible to command injection. This could allow an authenticated remote attacker to access the underlying operating system as the root user. | |||||
| CVE-2023-27240 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip. | |||||
| CVE-2023-26800 | 1 Ruijienetworks | 6 Rg-ew1200, Rg-ew1200 Firmware, Rg-ew1200g Pro and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function. | |||||
| CVE-2023-26602 | 1 Asus | 1 Asmb8-ikvm Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. | |||||
| CVE-2023-26493 | 1 Cocos | 1 Cocos-engine | 2024-11-21 | N/A | 8.1 HIGH |
| Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the `web-interface-check.yml` was subject to command injection. The `web-interface-check.yml` was triggered when a pull request was opened or updated and contained the user controllable field `(${{ github.head_ref }} – the name of the fork’s branch)`. This would allow an attacker to take over the GitHub Runner and run custom commands (potentially stealing secrets such as GITHUB_TOKEN) and altering the repository. The workflow has since been removed for the repository. There are no actions required of users. | |||||