API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation allowing for OS command injection.
This vulnerability can only be exploited after
Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password policy for backup file encryption.
This vulnerability can only be exploited after
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient
Verification of Data Authenticity vulnerability could allow an attacker
to escalate their privileges and gain root access to the sy
2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input
2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application.
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary
code execution with root permissions.
2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation.
This vulnerability ca
An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands.
Users with administrative privileges ma
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitr
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows a
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.
This issue affects:
Product
Affected Versions
LoadMaster
From
A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administra
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious act
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious act
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To explo
Page 1+ Next →