CVE-2022-27964
https://notcve.org/view.php?id=CVE-2022-27964
Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file. Xmanager versiones v7.0.0096 y anteriores, contiene una vulnerabilidad de secuestro binario que permite a atacantes ejecutar código arbitrario por medio de un archivo .exe diseñado • https://github.com/ycdxsb/Vuln/blob/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xmanager-CreateProcessW-Misuse-Binary-Hijack https://www.netsarang.com/en/xmanager-update-history • CWE-428: Unquoted Search Path or Element •
CVE-2012-1009 – NetSarang Xlpd Printer Daemon 4 - Denial of Service
https://notcve.org/view.php?id=CVE-2012-1009
NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request. NetSarang Xlpd v4 Build 0100 y NetSarang Xmanager Enterprise c4 Build 0186, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición LPD mal formada. • https://www.exploit-db.com/exploits/18454 http://secpod.org/advisories/SecPod_Exploit_NetSarang_Xlpd_Printer_Daemon_DoS_Vuln.txt http://secpod.org/blog/?p=457 http://www.exploit-db.com/exploits/18454 http://www.securityfocus.com/bid/51821 https://exchange.xforce.ibmcloud.com/vulnerabilities/72933 •