NESA Lab - Security Researcher - Exploit Intelligence Platform

CVE-2019-19117 WRITEUP HIGH WRITEUP

PHICOMM K2(PSG1218) V22.5.9.163 - Command Injection

/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG1218) V22.5.9.163 devices allows remote authenticated users to execute any command via shell metacharacters in the cgi-bin/luci autoUpTime parameter.

CVSS 8.8

View Code

CVE-2020-19189 WRITEUP MEDIUM WRITEUP

ncurses 6.1 - Buffer Overflow

Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVSS 6.5

View Code

CVE-2020-19190 WRITEUP MEDIUM WRITEUP

ncurses 6.1 - Buffer Overflow

Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.

CVSS 6.5

View Code