CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. This module allows us to deploy an agent in a remote vulnerable target.
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public), which can lead to unauthorized access to other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio.
Due to an unauthenticated endpoint that leverages XStream for input deserialization in VMware NSX Manager, an attacker can achieve remote code execution in the context of the 'root' user account on the appliance.
A Java deserialization vulnerability and a blind XXE vulnerability allow unauthenticated remote attackers to execute system commands in Zoho ManageEngine ADAudit Plus.
An OS command injection vulnerability exists in multiple API endpoints of Bitbucket Server and Data Center. An attacker with access to a public Bitbucket repository, or with read permissions to a private one, can execute arbitrary code by sending a malicious HTTP request.
A default Erlang cluster node cookie in Apache CouchDB allows attackers to access the cluster, gain admin privileges and execute system commands with couchdb user privileges.
An authentication bypass vulnerability in the com.vmware.vcops.ui.util.MainPortalFilter class, an information disclosure vulnerability in com.vmware.vcops.ui.action.SupportLogsAction and a local privilege escalation in the generateSupportBundle.py script together allow unauthenticated remote attackers to execute system commands as root in VMware vRealize Operations Manager by using a dashboard shared link.
An authentication bypass in the OAuth2TokenResourceController access control service, a JDBC injection that allows remote code execution in DBConnectionCheckController dbCheck and a local privilege escalation via publishCaCert.hzn and gatherConfig.hzn together allow unauthenticated remote attackers to execute system commands as root.
An authentication bypass present in iControl REST of F5 BIG-IP allows unauthenticated remote attackers to execute OS commands as root.
The customError.ftl filter in VMware Workspace ONE Access allows remote attackers to achieve remote code execution via server-side template injection.