(CVE-2020-0634) Windows CLFS UAF Memory Corruption Vulnerability

CVE: CVE-2020-0634
Tested Versions: Windows RS2 (2019.01.08) build 7763, ntoskrnl.exe file version 10.0.17763.195, MD5: 4a8bc8a4b90486a5567fb6c6bf93ab6b
Product URL(s): https://www.microsoft.com/
Description of the vulnerability: An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system....

June 12, 2020 · 5 min · Meysam Firouzi

(CVE-2020-1664) Juniper Junos OS dcd create_debug_data() buffer overflow

CVE: CVE-2020-1664
Tested Versions: Junos OS 20.1R1.11
Product URL(s): https://www.juniper.net/
Description of the vulnerability: dcd is the device control daemon, and it runs as root by default when the device starts. This daemon has a stack buffer overflow vulnerability that allows an attacker with low privileges to DoS the daemon or execute arbitrary code on the system with root privileges. The vulnerability exists in the create_debug_data() function: FILE *create_debug_data() { char v13; // [esp+3h] [ebp-51h] result = fopen("/var/tmp/dcd_debug....

June 12, 2020 · 2 min · Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss)

(CVE-2021-0218) Junos OS lc_fetch_license_keys() command injection

CVE: CVE-2021-0218
Tested Versions: Junos OS 20.1R1.11
Product URL(s): https://www.juniper.net/
Description of the vulnerability: license-check is a daemon that manages licenses on Juniper devices. By default, this daemon runs as root. There is a command injection vulnerability in the license-check daemon that allows an attacker with low privileges to execute a command with root privileges. The command injection exists in the license update feature. To update a license, the user runs the command "request system license update" in the CLI console....

June 12, 2020 · 4 min · Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss)

(CVE-2021-0219) Juniper Junos OS validate package mgd_package_real() command injection

CVE: CVE-2021-0219
Tested Versions: Junos OS 20.1R1.11
Product URL(s): https://www.juniper.net/
Description of the vulnerability: The command injection vulnerability exists in the validation of the installed package. Upon successfully exploiting this vulnerability, an attacker with low privileges can execute a command with root privileges on the system. To validate a package on a host before installing it, the user runs the command "request system software add validate-on-host <host> <package-path>" in the CLI console....

June 12, 2020 · 2 min · Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss)

(CVE-2021-1485) Cisco IOS XR CLI Arbitrary Command Injection

CVE: CVE-2021-1485
Tested Versions: Cisco IOS XRv 64 bit 7.0.2
Product URL(s): https://cisco.com
Description of the vulnerability: The router CLI implements some commands as passthrough to the underlying Linux shell. From some tests conducted, it is evident that there are some quoting issues when passing arguments to the shell.

RP/0/RSP0/CPU0# dir "'"
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
sh: -c: line 0: unexpected EOF while looking for matching `''
sh: -c: line 1: syntax error: unexpected end of file
dir : ' : Path does not exist

This type of issue could lead to arbitrary command injection from the restricted CLI that does not have direct access to the shell....

June 12, 2020 · 2 min · Darell Tan

(CVE-2020-15357) Askey AP5100W Authenticated Command Injection in Web Interface

CVE: CVE-2020-15357
Tested Versions: Askey AP5100W version Dual_SIG_1.01.071
Product URL(s): https://www.askey.com.tw/
Description of the vulnerability: The Askey AP5100W was a WiFi mesh node provided to Singtel customers as part of their Fibre Broadband contract package. It is used to provide greater WiFi coverage in homes or offices. The WiFi mesh node comes with a configurable web interface that allows users to modify settings on their mesh nodes and run diagnostics....

May 22, 2020 · 2 min · Li Bailin

(CVE-2020-25545) Askey AP5100W Information Leak through Insecure Backups

CVE: CVE-2020-25545
Tested Versions: Askey AP5100W version Dual_SIG_1.01.071
Product URL(s): https://www.askey.com.tw/
Description of the vulnerability: The Askey AP5100W was a WiFi mesh node provided to Singtel customers as part of their Fibre Broadband contract package. It is used to provide greater WiFi coverage in homes or offices. The WiFi mesh node comes with a configurable web interface that allows users to modify settings on their mesh nodes and run diagnostics....

May 22, 2020 · 2 min · Li Bailin