CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2021-33885 345 Exec Code 2021-08-25 2021-09-01
10.0
None Remote Low Not required Complete Complete Complete
An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used in place of the correct data. This results in full system command access and execution because of the lack of cryptographic signatures on critical data sets.
252 CVE-2021-33841 78 2021-06-09 2021-06-21
10.0
None Remote Low Not required Complete Complete Complete
SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.
253 CVE-2021-33740 Exec Code 2021-07-14 2021-07-16
9.3
None Remote Medium Not required Complete Complete Complete
Windows Media Remote Code Execution Vulnerability
254 CVE-2021-33728 502 Exec Code 2021-10-12 2021-10-18
9.0
None Remote Low ??? Complete Complete Complete
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to upload JSON objects that are deserialized to JAVA objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary code on the device with root privileges.
255 CVE-2021-33721 78 Exec Code 2021-08-10 2021-08-17
9.0
None Remote Low ??? Complete Complete Complete
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.
256 CVE-2021-33672 116 Exec Code 2021-09-14 2021-09-24
9.3
None Remote Medium Not required Complete Complete Complete
Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in the application, the attacker can further execute operating system level commands in the chat recipient's scope. This could lead to a complete compromise of their confidentiality, integrity, and could temporarily impact their availability.
257 CVE-2021-33583 798 2021-09-30 2021-10-12
10.0
None Remote Low Not required Complete Complete Complete
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.
258 CVE-2021-33538 269 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
259 CVE-2021-33534 78 Exec Code 2021-06-25 2021-07-08
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the hostname functionality. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An attacker can send various requests while authenticated as a high privilege user to trigger this vulnerability.
260 CVE-2021-33533 78 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted iw_serverip parameter can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
261 CVE-2021-33532 78 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iw_webs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iw_system call, resulting in remote control over the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
262 CVE-2021-33531 798 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. An attacker can send diagnostic scripts while authenticated as a low privilege user to trigger this vulnerability.
263 CVE-2021-33530 78 Exec Code 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker can send diagnostic while authenticated as a low privilege user to trigger this vulnerability.
264 CVE-2021-33528 710 2021-06-25 2021-07-27
9.0
None Remote Low ??? Complete Complete Complete
In Weidmueller Industrial WLAN devices in multiple versions an exploitable privilege escalation vulnerability exists in the iw_console functionality. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
265 CVE-2021-33525 78 Exec Code 2021-05-24 2021-05-27
9.0
None Remote Low ??? Complete Complete Complete
EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via shell metacharacters in the nagios_path parameter to lilac/export.php, as demonstrated by %26%26+curl to insert an "&& curl" substring for the shell.
266 CVE-2021-33514 78 2021-05-21 2021-05-27
10.0
None Remote Low Not required Complete Complete Complete
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the vulnerable /sqfs/lib/libsal.so.0.0 library used by a CGI application, as demonstrated by setup.cgi?token=';$HTTP_USER_AGENT;' with an OS command in the User-Agent field. This affects GC108P before 1.0.7.3, GC108PP before 1.0.7.3, GS108Tv3 before 7.0.6.3, GS110TPPv1 before 7.0.6.3, GS110TPv3 before 7.0.6.3, GS110TUPv1 before 1.0.4.3, GS710TUPv1 before 1.0.4.3, GS716TP before 1.0.2.3, GS716TPP before 1.0.2.3, GS724TPPv1 before 2.0.4.3, GS724TPv2 before 2.0.4.3, GS728TPPv2 before 6.0.6.3, GS728TPv2 before 6.0.6.3, GS752TPPv1 before 6.0.6.3, GS752TPv2 before 6.0.6.3, MS510TXM before 1.0.2.3, and MS510TXUP before 1.0.2.3.
267 CVE-2021-33501 79 Exec Code XSS 2021-07-19 2021-07-29
9.3
None Remote Medium Not required Complete Complete Complete
Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL.
268 CVE-2021-33393 2021-06-09 2021-06-21
9.0
None Remote Low ??? Complete Complete Complete
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It might be owned by an unprivileged account, which could potentially be used to install a Trojan horse backup.pl script that is later executed by root. Similar problems with the ownership/permissions of other files may be present as well.
269 CVE-2021-33358 78 Exec Code 2021-06-09 2021-06-21
9.0
None Remote Low ??? Complete Complete Complete
Multiple vulnerabilities exist in RaspAP 2.3 to 2.6.5 in the "interface", "ssid" and "wpa_passphrase" POST parameters in /hostapd, when the parameter values contain special characters such as ";" or "$()" which enables an authenticated attacker to execute arbitrary OS commands.
270 CVE-2021-33356 269 Exec Code 2021-06-09 2021-06-21
9.0
None Remote Low ??? Complete Complete Complete
Multiple privilege escalation vulnerabilities in RaspAP 1.5 to 2.6.5 could allow an authenticated remote attacker to inject arbitrary commands to /installers/common.sh component that can result in remote command execution with root privileges.
271 CVE-2021-33256 1236 2021-08-09 2021-09-21
9.3
None Remote Medium Not required Complete Complete Complete
** DISPUTED ** A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "User Attempts Audit Report" as CSV file. Note: The vendor disputes this vulnerability, claiming "This is not a valid vulnerability in our ADSSP product. We don't see this as a security issue at our side."
272 CVE-2021-33218 798 2021-07-07 2021-07-09
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.
273 CVE-2021-33217 787 2021-07-07 2021-07-09
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
274 CVE-2021-33055 78 Exec Code 2021-08-30 2021-09-02
10.0
None Remote Low Not required Complete Complete Complete
Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions.
275 CVE-2021-33045 287 Bypass 2021-09-15 2021-10-06
10.0
None Remote Low Not required Complete Complete Complete
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
276 CVE-2021-33044 287 Bypass 2021-09-15 2021-10-06
10.0
None Remote Low Not required Complete Complete Complete
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
277 CVE-2021-33032 78 Exec Code 2021-07-22 2021-09-21
10.0
None Remote Low Not required Complete Complete Complete
A Remote Code Execution (RCE) vulnerability in the WebUI component of the eQ-3 HomeMatic CCU2 firmware up to and including version 2.57.5 and CCU3 firmware up to and including version 3.57.5 allows remote unauthenticated attackers to execute system commands as root via a simple HTTP request.
278 CVE-2021-32983 89 Exec Code Sql 2021-08-30 2021-09-07
10.0
None Remote Low Not required Complete Complete Complete
A Blind SQL injection vulnerability exists in the /DataHandler/Handler_CFG.ashx endpoint of Delta Electronics DIAEnergie Version 1.7.5 and prior. The application does not properly validate the user-controlled value supplied through the parameter keyword before using it as part of an SQL query. A remote, unauthenticated attacker can exploit this issue to execute arbitrary code in the context of NT SERVICE\MSSQLSERVER.
279 CVE-2021-32967 287 2021-08-30 2021-09-03
10.0
None Remote Low Not required Complete Complete Complete
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new administrative user without being authenticated or authorized, which may allow the attacker to log in and use the device with administrative privileges.
280 CVE-2021-32826 78 2021-08-16 2021-08-24
9.3
None Remote Medium Not required Complete Complete Complete
Proxyee-Down is open source proxy software. An attacker being able to provide an extension script (eg: through a MiTM attack or by hosting a malicious extension) may be able to run arbitrary commands on the system running Proxyee-Down. For more details including a PoC see the referenced GHSL-2021-053. As of the writing of this CVE there is currently no patched version.
281 CVE-2021-32814 22 Dir. Trav. 2021-08-03 2021-08-11
9.4
None Remote Low Not required None Complete Complete
Skytable is a NoSQL database with automated snapshots and TLS. Versions prior to 0.5.1 are vulnerable to a a directory traversal attack enabling remotely connected clients to destroy and/or manipulate critical files on the host's file system. This security bug has been patched in version 0.5.1. There are no known workarounds aside from upgrading.
282 CVE-2021-32802 829 2021-09-07 2021-09-14
10.0
None Remote Low Not required Complete Complete Complete
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. There are several security concerns with passing user-generated content to this library, such as Server-Side-Request-Forgery, file disclosure or potentially executing code on the system. The risk depends on your system configuration and the installed library version. It is recommended that the Nextcloud Server is upgraded to 20.0.12, 21.0.4 or 22.1.0. These versions do not use this library anymore. As a workaround users may disable previews by setting `enable_previews` to `false` in `config.php`.
283 CVE-2021-32762 190 Overflow 2021-10-04 2021-11-28
9.0
None Remote Low ??? Complete Complete Complete
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This is a result of a vulnerability in the underlying hiredis library which does not perform an overflow check before calling the calloc() heap allocation function. This issue only impacts systems with heap allocators that do not perform their own overflow checks. Most modern systems do and are therefore not likely to be affected. Furthermore, by default redis-sentinel uses the jemalloc allocator which is also not vulnerable. The problem is fixed in Redis versions 6.2.6, 6.0.16 and 5.0.14.
284 CVE-2021-32758 91 Exec Code 2021-08-27 2021-09-08
9.0
None Remote Low ??? Complete Complete Complete
OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. The latest OpenMage Versions up from v19.4.15 and v20.0.11 have this Issue patched.
285 CVE-2021-32756 74 Exec Code 2021-07-21 2021-09-16
9.0
None Remote Low ??? Complete Complete Complete
ManageIQ is an open-source management platform. In versions prior to jansa-4, kasparov-2, and lasker-1, there is a flaw in the MiqExpression module of ManageIQ where a low privilege user could enter a crafted Ruby string which would be evaluated. Successful exploitation will allow an attacker to execute arbitrary code with root privileges on the host system. There are patches for this issue in releases named jansa-4, kasparov-2, and lasker-1. If possible, restrict users, via RBAC, to only the part of the application that they need access to. While MiqExpression is widely used throughout the product, restricting users can limit the surface of the attack.
286 CVE-2021-32708 367 Exec Code 2021-06-24 2021-09-20
9.3
None Remote Medium Not required Complete Complete Complete
Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allowed to supply the path or filename of an uploaded file, the supplied path or filename is not checked against unicode chars, the supplied pathname checked against an extension deny-list, not an allow-list, the supplied path or filename contains a unicode whitespace char in the extension, the uploaded file is stored in a directory that allows PHP code to be executed. Given these conditions are met a user can upload and execute arbitrary code on the system under attack. The unicode whitespace removal has been replaced with a rejection (exception). For 1.x users, upgrade to 1.1.4. For 2.x users, upgrade to 2.1.1.
287 CVE-2021-32590 89 Exec Code Sql 2021-08-04 2021-08-11
9.0
None Remote Low ??? Complete Complete Complete
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL database via specifically crafted HTTP requests.
288 CVE-2021-32588 798 Exec Code 2021-08-18 2021-08-26
10.0
None Remote Low Not required Complete Complete Complete
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.
289 CVE-2021-32525 259 Exec Code 2021-07-07 2021-09-20
9.0
None Remote Low ??? Complete Complete Complete
The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the administrator’s credential, entering the hard-coded password of the debug mode to execute the restricted system instructions. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
290 CVE-2021-32462 Exec Code 2021-07-08 2021-07-23
9.0
None Remote Low ??? Complete Complete Complete
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability.
291 CVE-2021-32305 78 Exec Code 2021-05-18 2021-06-22
10.0
None Remote Low Not required Complete Complete Complete
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
292 CVE-2021-32238 787 DoS Exec Code Overflow 2021-05-18 2021-05-25
9.3
None Remote Medium Not required Complete Complete Complete
Epic Games / Psyonix Rocket League <=1.95 is affected by Buffer Overflow. Stack-based buffer overflow occurs when Rocket League handles UPK object files that can result in code execution and denial of service scenario.
293 CVE-2021-32090 77 2021-05-07 2021-06-17
10.0
None Remote Low Not required Complete Complete Complete
The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter.
294 CVE-2021-31956 269 2021-06-08 2021-06-14
9.3
None Remote Medium Not required Complete Complete Complete
Windows NTFS Elevation of Privilege Vulnerability
295 CVE-2021-31928 269 2021-06-10 2021-06-21
9.0
None Remote Low ??? Complete Complete Complete
Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to escalate privileges to superadministrator. It was fixed in v2021.1.0.2.
296 CVE-2021-31891 78 Exec Code 2021-09-14 2021-09-28
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.
297 CVE-2021-31838 77 Exec Code 2021-06-29 2021-07-02
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated MVEDR administrator to trigger the EDR client to execute arbitrary commands through PowerShell using the EDR functionality 'execute reaction'.
298 CVE-2021-31819 502 Exec Code 2021-09-22 2021-09-29
10.0
None Remote Low Not required Complete Complete Complete
In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification.
299 CVE-2021-31769 78 Exec Code 2021-06-21 2021-06-28
9.0
None Remote Low ??? Complete Complete Complete
MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorization. An attacker can inject arbitrary OS commands (such as commands to create new .php files) via the Task Scheduler component.
300 CVE-2021-31758 787 Exec Code Overflow 2021-05-07 2021-05-10
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.