Page 2 of 15 results (0.014 seconds)

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e. BusyBox wget, de BusyBox project , en versiones anteriores al commit con ID 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e, contiene una vulnerabilidad de desbordamiento de búfer en Busybox wget que puede resultar en un desbordamiento de búfer basado en memoria dinámica (heap). Este ataque parece ser explotable mediante conectividad de red. • https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html https://usn.ubuntu.com/3935-1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file". Busybox contiene una vulnerabilidad de falta de validación de certificados SSL en el applet "busybox wget" que puede resultar en la ejecución de código arbitrario. El ataque parece ser explotable mediante la descarga de cualquier archivo por HTTPS mediante "busybox wget https://compromised-domain.com/important-file". • http://lists.busybox.net/pipermail/busybox/2018-May/086462.html https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91 https://usn.ubuntu.com/4531-1 • CWE-295: Improper Certificate Validation •

CVSS: 8.8EPSS: 0%CPEs: 189EXPL: 13

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. En la función add_match en libbb/lineedit.c en BusyBox hasta la versión 1.27.2, la característica de autocompletar pestañas del shell, empleada para obtener una lista de nombres de archivo en un directorio, no inmuniza los nombres de archivo. Esto conduce a la ejecución de cualquier secuencia de escape en el terminal. Esto podría resultar en la ejecución de código, escrituras arbitrarias de archivos u otros ataques. • http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html http://packetstormsecurity.com/files/154536/VMware-Security-Advisory-2019-0013.html http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html http://seclists.org/fulldisclosure/2019/Jun/18 http://seclists.org/fulldisclosure/2019/Sep/7 http://seclists.org/fulldisclosure/2020/Aug/20 http://seclists.org/fulldisclosure/2020/Mar/15 http://seclists.org/fulldisclosure • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 4

Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. Una vulnerabilidad de salto de directorio en la implementación de tar en BusyBox en versiones anteriores a 1.22.0 v5 permite que atacantes remotos apunten a archivos situados fuera del actual directorio de trabajo a través de un symlink. The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector. • http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://seclists.org/fulldisclosure/2019/Jun/18 http://seclists.org/fulldisclosure/2020/Aug/20 http://www.openwall.com/lists/oss-security/2015/10/21/7 https://bugzilla.redhat.com/show_bug.cgi?id=1274215 https://lists.debian.org/debian-lts-announce/2018/07/msg00037.html https://lists.debian.org/debian-lts-announce/2021/02/msg00020.html https://seclists.org/bugtraq& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0

The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop. La función recv_and_process_client_pkt en networking/ntpd.c en busybox permite a atacantes remotos provocar una denegación de servicio (consumo de CPU y ancho de banda) a través de un paquete NTP falsificado, lo que desencadena un bucle de comunicación. Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities. • http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html http://seclists.org/fulldisclosure/2019/Jun/18 http://seclists.org/fulldisclosure/2019/Sep/7 http://seclists.org/fulldisclosure/2020/Aug/20 http://seclists.org/fulldisclosure/2020/Mar/15 http://www.openwall.com/lists/oss-security/2016/08/03/7 http://www.securityfocus.com/b • CWE-399: Resource Management Errors •