• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-78

CVE-2020-24297

February 26, 2023 by

httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023

CVE-2020-24354

February 26, 2023 by

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection.

CVE-2020-24220

February 26, 2023 by

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server.

CVE-2020-24032

February 26, 2023 by

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone.

CVE-2020-24054

February 26, 2023 by

The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a ‘statusbroadcast’ command that can spawn a given process repeatedly at a certain time interval as ‘root’. One of the limitations of this feature is that it only takes a path to a binary without arguments; however, this can be circumvented using special shell variables, such as ‘${IFS}’. As a result, an attacker can execute arbitrary commands as ‘root’ on the units.

CVE-2020-24057

February 26, 2023 by

The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint (‘ipfilter.cgi’) that allows the user to manage network filtering on the unit. This endpoint is vulnerable to a command injection. An authenticated attacker can leverage this issue to execute arbitrary commands as ‘root’.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 113
  • Go to page 114
  • Go to page 115
  • Go to page 116
  • Go to page 117
  • Interim pages omitted …
  • Go to page 342
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE