Products Solutions Support Partners Commercial Display UK&IE EN Cybersecurity Security Advisory Command Injection Vulnerability FAQs: Command Injection Vulnerability Q: What is the Command Injection Vulnerability? A: As stated in Hikvision officia...
Command Injection in /bin/protest AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H (7.8/7.1) The /bin/protest binary on various D-Link router firmware images is vulnerable to command injection. This allows an authenticated attacker to execute arbitrary shell commands
A vulnerability in the CLI of Cisco IOS XR 64-Bit Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. This vulnerab
Cause of the Vulnerability URLs for repositories in root composer.json files and package source download URLs were not sanitized sufficiently and could be interpreted as options for system commands executed by Composer (parameter injection). This problem alone does not yet allow command execution, as ...
Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection. (Vulnerability ID: HWPSIRT-2020-59877) This vulnerab...
Summary There is a command injection vulnerability in Huawei products. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service. (Vulnerability ID: HWPSIRT-2020-96403) ...
We discovered a severe command injection vulnerability in Apache Kylin that allows malicious users to execute arbitrary OS commands.
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. This vulnerability is due to insufficient validation...
Cisco Nexus 3000 and 9000 Series Switches Command Injection Vulnerability Medium Advisory ID: cisco-sa-nxos-ici-dpOjbWxk First Published: 2025 February 26 16:00 GMT Version 1.0: Final Workarounds: No workarounds available Cisco Bug IDs: ...
Describe the bug My company nexus blocked quarkus-ide-launcher due to the following Vulnerability. https://snyk.io/vuln/maven:org.apache.maven.shared:maven-shared-utils@3.2.1 Expected behavior Should not have dependencies issues with qua...