man-cgi versions prior to 1.16 suffer from a local file inclusion vulnerability.
bca0e6274252ccbf0017f77e91d0f04eMicrohard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from a system backup configuration file 'IPn4G.config' in '/' directory or its respective name based on the model name including the similar files in '/www/cgi-bin/system.conf', '/tmp' and the cli.conf in '/etc/m_cli/' can be downloaded by an authenticated attacker in certain circumstances. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access. Many versions are affected.
e8955597bdd0224a62bfdb870b980cf0This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.12.0.19 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.12.0.4 firmware.
3c493d70dda3e9875442ed78bc1db5d8Ubuntu Security Notice 3665-1 - It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that Tomcat contained incorrect documentation regarding description of the search algorithm used by the CGI Servlet to identify which script to execute. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
4010dd1ed3cd225ed49a240fc59a47d5Teradek VidiU Pro version 3.0.3 suffers from a stream disclosure vulnerability in snapshot.cgi.
85f74b0bec8310d4a27675d34c91fdcfTeradek Slice version 7.3.15 suffers from a stream disclosure vulnerability in snapshot.cgi.
0cf6b30e0f45999cc94c85ea740b66edTeradek T-RAX version 7.3.2 suffers from a stream disclosure vulnerability in snapshot.cgi.
b94d2810cd0ee343c10b24d906ad3e7dTeradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.
4503c90da737c7d782d2b0c1ff45ad01Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi remote code execution vulnerability.
f56935b7186a1bb0e06c683d70145e04This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
b52da760a508f605f6ac4e9e7f6f0ffeD-Link routers 110/412/615/815 versions prior to 1.03 suffer from a service.cgi arbitrary code execution vulnerability.
3d62c7e0cb26b053130f3ca201d0f494Synology DiskStation Manager (DMS) versions prior to 6.1.3-15152 suffer from a forget_passwd.cgi user enumeration vulnerability.
c48c4c4573098defd903d29ddeae9f02Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.
0e725291dedfc743e647723b95b3a423This Metasploit module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models.
ca19c9ae7f1297c6b3244ef66e8bdb35IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.
1f8ebd286acb009b1e30960495f5b74dSonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
1b8a31b46825c7465b2937b76b39b411Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).
cd86304aec43ab3feeb8080444d44ebaUbuntu Security Notice 3253-2 - USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Dawid Golunski discovered that Nagios incorrectly handled symlinks when accessing log files. A local attacker could possibly use this issue to elevate privileges. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.
04f7a17df00f437de002a52271d94331EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the 'path' GET/POST parameter parsed by 'usbinteract.cgi' script.
6051f5e6ab0341318d0a8979089a82beThis Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.
9b114a97c4c0d9295990975928a03725Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi information disclosure vulnerability.
1adf882631024240e0ddc894cd726f0bTrend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a logoff.cgi directory traversal authentication bypass vulnerability.
e64dcba98301f1ab384f8984e9224a9bTrend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from an admin_sys_time.cgi remote code execution vulnerability.
3cf21d2a823e33a734b8a40da596090aTrend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a admin_sys_time.cgi remote code execution vulnerability.
7f4e75e562a262a818281920334a6854Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a detected_potential_files.cgi remote code execution vulnerability.
aa20468f976a8f6eddbfec0fe9caa436
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed