Security Vulnerabilities - CVEs Published In March 2019
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a command injection allowing a remote attacker to execute arbitrary code and obtain a root shell. A command injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetWLanACLSettings API function, as demonstrated by shell metacharacters in the wl(0).(0)_maclist field.
CVSS Score: 9.8 | EPSS Score: 0.093 | Published: 2019-03-07
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a command injection allowing a remote attacker to execute arbitrary code and obtain a root shell. A command injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetSmartQoSSettings API function, as demonstrated by shell metacharacters in the smartqos_priority_devices field.
CVSS Score: 9.8 | EPSS Score: 0.04 | Published: 2019-03-07
Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension.
CVSS Score: 8.8 | EPSS Score: 0.011 | Published: 2019-03-07
An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF vulnerability that can change the payment account to redirect funds.
CVSS Score: 6.5 | EPSS Score: 0.001 | Published: 2019-03-07
dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.
CVSS Score: 6.1 | EPSS Score: 0.108 | Published: 2019-03-07
WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2019-03-07
WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in station" field under the index.php?m=core URI.
CVSS Score: 5.4 | EPSS Score: 0.002 | Published: 2019-03-07
/console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2019-03-07
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2019-03-07
EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2019-03-07
Shodan ® - All rights reserved