A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
More Stories
USN-6766-2: Linux kernel vulnerabilities
It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations...
git-2.45.1-1.fc39
FEDORA-2024-4c06645f07 Packages in this update: git-2.45.1-1.fc39 Update description: update to 2.45.1 Read More
git-2.45.1-1.fc40
FEDORA-2024-ecba8476e2 Packages in this update: git-2.45.1-1.fc40 Update description: update to 2.45.1 Read More
ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to...
ZDI-24-455: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Although authentication is...
ZDI-24-454: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required...