#commandinjection — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #commandinjection, aggregated by home.social.
-
PHP Composer Flaws Expose Code Execution Risk, Prompting Patches
Critical flaws in PHP Composer, a popular package manager, leave countless websites vulnerable to code execution attacks - but fortunately, patches have been released to swiftly mitigate this risk. If exploited, these high-severity vulnerabilities could allow hackers to execute arbitrary commands, putting entire…
#PhpComposer #CodeExecution #PackageManager #CommandInjection #VulnerabilityManagement
-
Missing a firmware update on your TP-Link Omada gateway could be like leaving your front door wide open—hackers can run commands on your network with ease. Is your business protected?
#tp-link
#commandinjection
#networksecurity
#firmwareupdate
#cybersecurityrisks
-
Critical Figma MCP Server Flaw Allows Remote Code Execution https://dailydarkweb.net/critical-figma-mcp-server-flaw-allows-remote-code-execution/ #RemoteCodeExecution #DeveloperSecurity #commandinjection #Vulnerability #CyberSecurity #vulnerability #CVE202553967 #Figma #patch #MCP #RCE
-
Another Fortinet problem – vulnerable FortiSIEM under fire
We have the impression that we are not the only ones growing weary of problems in security products, especially from a few companies… . This time the legendary researcher SinSinology presents a critical vulnerability (9.8 on the CVSS scale in the vendor's security bulletin) in a product aimed at large organizations – FortiSIEM. TLDR: The matter is not trivial because, as Fortinet reports, this vulnerability...
#WBiegu #CommandInjection #Fortinet #Podatność #Rce #Siem #Websec
https://sekurak.pl/kolejny-problem-fortineta-podatne-fortisiem-pod-ostrzalem/
-
Unauthenticated remote code execution on CentOS – the CWP panel
CentOS Web Panel is a free solution available on systems from the CentOS family (or those using RPM), consisting essentially of two components. It offers an administrative interface for managing the server and configuring services such as web servers, e-mail or DNS. In addition, a second panel for end users is exposed on a different port,...
#WBiegu #Authbypass #Centos #CommandInjection #Cwp #Rce #Websec
https://sekurak.pl/zdalne-wykonanie-kodu-bez-uwierzytelnienia-na-centosie-panel-cwp/
-
CERT-IN Warns About Critical Vulnerabilities in Palo Alto Networks Applications https://thecyberexpress.com/cert-in-vulnerabilities-palo-alto-networks/ #informationdisclosure #privilegeescalation #TheCyberExpressNews #CybersecurityNews #commandinjection #paloaltonetworks #securityadvisory #Vulnerabilities #TheCyberExpress #FirewallDaily #cybersecurity #GlobalProtect #CortexXSOAR #CERTIn #PANOS
-
Linksys Router Flaw Let Attackers Perform Command Injection, PoC Released https://gbhackers.com/linksys-router-flaw-command-injection/ #VulnerabilityAnalysis #CVE/vulnerability #CyberSecurityNews #CommandInjection #LinksysRouter #Vulnerability #Exploit
-
Palo Alto Networks #GlobalProtect 0day exploited since at least March 26 - https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/ #paloaltonetworks #commandinjection #vulnerability #infosec #cybersecurity #cve20243400
-
CVE-2024-3400 PAN-OS: OS Command Injection #Vulnerability in #GlobalProtect Gateway
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
This issue will be fixed in hotfix releases of PAN-OS 10.2.9-h1 (ETA: By 4/14), PAN-OS 11.0.4-h1 (ETA: By 4/14), and PAN-OS 11.1.2-h3 (ETA: By 4/14), and in all later PAN-OS versions.
ref: https://security.paloaltonetworks.com/CVE-2024-3400 #paloaltonetworks #commandinjection #vulnerability #infosec #cybersecurity #cve20243400
-
The advisory of the authenticated command injection I found on Cacti 1.2.24 has been published (CVE-2023-39362).
https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp
#security #cybersecurity #websecurity #appsec #applicationsecurity #hacking #responsibledisclosure #exploit #cacti #rce #commandinjection #remotecommandexecution #cve202339362