CVSS: 10.0EPSS: 96%CPEs: 398EXPL: 30CVE-2021-44228 – Apache Log4j2 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. • https://github.com/fullhunt/log4j-scan https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words https://github.com/cyberstruggle/L4sh https://github.com/woodpecker-appstore/log4j-payload-generator https://github.com/tangxiaofeng7/apache-log4j-poc https://www.exploit-db.com/exploits/51183 https://www.exploit-db.com/exploits/50592 https://www.exploit-db.com/exploits/50590 https://github.com/logpresso/CVE-2021-44228-Scanner https://github.com/jas502n/Log4j2-CVE-2021-44228 h • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 10.0EPSS: 63%CPEs: 3EXPL: 1CVE-2011-0364 – Cisco Security Agent Management st_upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0364
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request. La consola de administración (webagent.exe) en Cisco Security Agent v5.1, v5.2 y v6.0 antes de v6.0.2.145 permite a atacantes remotos crear ficheros arbitrarios y ejecutar código de su elección a través de parámetros no especificados en una petición st_upload debidamente modificada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Security Agent Management Console. Authentication is not required to exploit this vulnerability. The flaw exists within the webagent.exe component which is handed requests by an Apache instance that listens by default on TCP port 443. When handling an st_upload request the process does not properly validate POST parameters used for a file creation. • https://www.exploit-db.com/exploits/17155 http://secunia.com/advisories/43383 http://secunia.com/advisories/43393 http://securityreason.com/securityalert/8095 http://securityreason.com/securityalert/8197 http://securityreason.com/securityalert/8205 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml http://www.securityfocus.com/archive/1/516505/100/0/threaded http://www.securityfocus.com/bid/46420 http://www.securitytracker.com/id?1025088 http://www.vupen. • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-0147
https://notcve.org/view.php?id=CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en el Management Center para Cisco Security Agents v5.1 anterior a v5.1.0.117, v5.2 anterior a v5.2.0.296, y v6.0 anterior a v6.0.1.132, permite a usuarios autenticados remotamente ejecutar comandos SQL de su elección a través de vectores sin especificar. • http://osvdb.org/62444 http://secunia.com/advisories/38619 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml http://www.securityfocus.com/bid/38272 http://www.securitytracker.com/id?1023606 http://www.vupen.com/english/advisories/2010/0416 https://exchange.xforce.ibmcloud.com/vulnerabilities/56346 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 18%CPEs: 18EXPL: 0CVE-2007-5580
https://notcve.org/view.php?id=CVE-2007-5580
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445. Un desbordamiento de búfer en un determinado controlador en Cisco Security Agent versiones 4.5.1 anteriores a 4.5.1.672, versiones 5.0 anteriores a 5.0.0.225, versiones 5.1 anteriores a 5.1.0.106, y versiones 5.2 anteriores a 5.2.0.238 en Windows, permite a los atacantes remotos ejecutar código arbitrario por medio de un paquete SMB especialmente diseñado en una sesión TCP en el puerto (1) 139 o (2) 445. • http://osvdb.org/39521 http://secunia.com/advisories/27947 http://securityreason.com/securityalert/3425 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618 http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml http://www.nsfocus.com/english/homepage/research/0702.htm http://www.securityfocus.com/archive/1/484669/100/100/threaded http://www.securityfocus.com/bid/26723 http://www.securitytracker.com/id?1019046 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2007-1065
https://notcve.org/view.php?id=CVE-2007-1065
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836. Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent versiones 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido desplegado un agente de confianza vulnerable), y el Meetinghouse AEGIS SecureConnect Client, permiten a usuarios locales alcanzar privilegios SYSTEM por medio de vectores no especificados en el requiriente, también se conoce como CSCsf15836. • http://osvdb.org/33048 http://secunia.com/advisories/24258 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32622 •