• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-77

CVE-2023-0127

February 22, 2023 by godfreyd94

A command injection vulnerability in the firmware_update command, in the device’s restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.

CVE-2023-0039

February 22, 2023 by godfreyd94

The User Post Gallery – UPG plugin for WordPress is vulnerable to authorization bypass which leads to remote command execution due to the use of a nopriv AJAX action and user supplied function calls and parameters in versions up to, and including 2.19. This makes it possible for unauthenticated attackers to call arbitrary PHP functions and perform actions like adding new files that can be webshells and updating the site’s options to allow anyone to register as an administrator.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 170
  • Go to page 171
  • Go to page 172

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE