Sensitive information disclosure vulnerability exists in the undisclosed iControl REST endpoint and TMOS Shell (tmsh) command which may allow an authenticated attacker with resource administrator role
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalat
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arb
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arb
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access ma
An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker wi
An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral NetProfiler and NetExpress 10.8.7 virtual appliances. A SQL injection vulnerability in the '/api/common
The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send
arbitrar
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site us
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform
A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the
web
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading t
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the p
Certain models of routers from Billion Electric has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject arbitrary system commands into a specific S
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must hav
A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary comm
A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The mani
When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdu
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remot