An authentication bypass in OAuth2TokenResourceController access control service, a JDBC injection that allows remote code execution in DBConnectionCheckController dbCheck and a local privilege escalation via publishCaCert.hzn and gatherConfig.hzn; allows unauthenticated remote attackers to execute system commands as root.
An athentication bypass present in iControl REST of F5 BIG-IP allows unauthenticated remote attackers to execute OS commands as root.
The customError.ftl filter in VMware Workspace ONE Access allows remote attackers to achieve remote code execution via server-side template injection.
An unsafe data binding used to populate an object from request parameters (either query parameters or form data) to set a Tomcat specific ClassLoader in Spring MVC and Spring WebFlux applications allows unauthenticated attackers to upload and execute a JSP file in the Tomcat virtual file system webapps directory.
Hard-coded credentials for the diagnostics user can be used to authenticate in the UCMDB component.
Then a java deserialization vulnerability present in several endpoints of the UCMDB service can be used to execute OS commands.
Then a java deserialization vulnerability present in several endpoints of the UCMDB service can be used to execute OS commands.
Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process.
This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise. The BIG-IP system in Appliance mode is also vulnerable
A vulnerability in the File Manager (wp-file-manager) plugin for WordPress, version 6.0 to 6.8, allows to unauthenticated remote attackers to upload and execute arbitrary PHP code because.
The root cause is an unsafe renaming of a example elFinder connector file with the php extension.
Successful exploitation of this vulnerability allows attackers to write php files to the wp-content/plugins/wp-file-manager/lib/files/ directory of Wordpress.
The root cause is an unsafe renaming of a example elFinder connector file with the php extension.
Successful exploitation of this vulnerability allows attackers to write php files to the wp-content/plugins/wp-file-manager/lib/files/ directory of Wordpress.
An authenticated JNDI injection vulnerability in Oracle Weblogic Server allows attackers to execute a java class file to gain arbitrary code execution on the affected system.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.
Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.
Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.