Xorux

Stor2rrd

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-42370

  • EPSS 0.18%
  • Published 08.11.2021 05:15:07
  • Last modified 21.11.2024 06:27:40

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. (Viewing the passwords requires configuring a web browser to display...

9.8

CVE-2021-42371

  • EPSS 0.73%
  • Published 08.11.2021 05:15:07
  • Last modified 21.11.2024 06:27:40

lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30.

9

CVE-2021-42372

Exploit
  • EPSS 11.89%
  • Published 08.11.2021 05:15:07
  • Last modified 21.11.2024 06:27:40

A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the service.

10

CVE-2020-24032

  • EPSS 16.76%
  • Published 18.08.2020 21:15:12
  • Last modified 21.11.2024 05:14:20

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone.