Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2024-45252
Disclosure Date: October 06, 2024 (last updated October 07, 2024)
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
0
Attacker Value
Unknown
CVE-2024-45251
Disclosure Date: October 06, 2024 (last updated October 07, 2024)
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
0
Attacker Value
Unknown
CVE-2022-36784
Disclosure Date: November 17, 2022 (last updated October 26, 2023)
Elsight – Elsight Halo Remote Code Execution (RCE)
Elsight Halo web panel allows us to perform connection validation.
through the POST request :
/api/v1/nics/wifi/wlan0/ping
we can abuse DESTINATION parameter and leverage it to remote code execution.
0
