5 results (0.014 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. Una vulnerabilidad de Inyección de Comandos de Sistema Operativo en la etapa de arranque de Bitdefender BOX 2, permite la manipulación de la función "get_image_url()" en circunstancias especiales para inyectar un comando de sistema. • https://www.bitdefender.com/support/security-advisories/bitdefender-box-2-bootstrap-get_image_size-command-injection-vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36. Se presenta una vulnerabilidad de ejecución de comando explotable en la partición de recuperación de Bitdefender BOX 2, versión 2.0.1.91. El método "/api/update_setup" de la API no realiza comprobaciones de firma de firmware automáticamente, lo que conlleva a una condición de carrera explotable (TOCTTOU) lo que permite una ejecución arbitraria de comandos de sistema. • https://www.bitdefender.com/support/security-advisories/bitdefender-box-v2-bootstrap-update_setup-command-execution-vulnerability-va-2226 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-413: Improper Resource Locking •

CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 1

A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability. Se ha detectado una vulnerabilidad de inyección de comandos en la etapa de arranque de Bitdefender BOX 2, versiones 2.1.47.42 y 2.1.53.45. El método de la API "/api/download_image" maneja de manera no segura la URL de firmware de producción suministrada por servidores remotos, conllevando a una ejecución arbitraria de comandos de sistema. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0919 https://www.bitdefender.com/support/security-advisories/command-injection-vulnerability-in-bitdefender-box-v2-va-5706 https://www.cybersecurity-help.cz/vdb/SB2020012215?affChecked=1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup mode. Se detectó un problema en Bitdefender BOX en las versiones de firmware anteriores a 2.1.37.37-34, lo que permite a un atacante pasar código arbitrario hacia el dispositivo BOX por medio de la API web. Para explotar esta vulnerabilidad, un atacante necesita presencia en la red de configuración de Bitdefender BOX y que Bitdefender BOX este en modo de configuración. • https://www.bitdefender.com/support/security-advisories/bitdefender-box-local-code-execution •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the miniupnpd component to crash or to trigger a device reboot. Se detectó un problema en Bitdefender BOX versiones de firmware anteriores a 2.1.37.37-34 que afecta la confiabilidad general del producto. Los paquetes especialmente diseñados enviados hacia la implementación miniupnpd resultan en que el dispositivo asigne memoria sin liberar más tarde. • https://www.bitdefender.com/support/security-advisories/bitdefender-box-denial-service-va-3184 • CWE-770: Allocation of Resources Without Limits or Throttling •