Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-43325: CVE-2022-43325

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.

CVE
Open in Source
#vulnerability#auth

OS Command Injection - Omnia MPX

CVE ID: CVE-2022-43325

CVE Author: Momen Eldawakhly (Cyber Guy) & Ahmed Alroky (Bad Bot)

Description:

A command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.

PoC Image:

Previous

CVE-2022-43326

Next

PyScript File Read

Last modified 20h ago

Related news

CVE-2022-43326: CVE-2022-43326

An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.

CVE-2022-44038: CVE-2022-44038

Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution vulnerability via the scriptRunner.cgi component.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE