[webapps] Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution

Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution

[local] AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)

AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)

CVE-2020-7630 (git-add-remote)

git-add-remote through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument.

CVE-2020-7629 (install-package)

install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.

CVE-2020-7628 (install-package)

install-package through 1.1.6 is vulnerable to Command Injection. It allows execution of arbitrary commands via the device function.

CVE-2020-7625 (op-browser)

op-browser through 1.0.6 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function.

CVE-2020-7626 (karma-mojo)

karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument.

CVE-2020-7624 (effect)

effect through 1.0.4 is vulnerable to Command Injection. It allows execution of arbitrary command via the options argument.

CVE-2020-7627 (node-key-sender)

node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the 'arrParams' argument in the 'execute()' function.

CVE-2020-9067 (smartax_ea5800_firmware, smartax_ma5600t_firmware, smartax_ma5800_firmware)

There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10.