CVE-2022-0194
- EPSS 8.17%
- Published 28.03.2023 19:15:09
- Last modified 21.11.2024 06:38:06
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results fr...
CVE-2022-45188
- EPSS 0.05%
- Published 12.11.2022 05:15:12
- Last modified 21.11.2024 07:28:55
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVE-2022-22995
- EPSS 0.18%
- Published 25.03.2022 23:15:08
- Last modified 21.11.2024 06:47:46
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting this combination of primitives, an attacker can execute arbitrary code.
CVE-2021-31439
- EPSS 1.04%
- Published 21.05.2021 15:15:07
- Last modified 14.01.2025 19:29:55
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of D...
- EPSS 88.81%
- Published 20.12.2018 21:29:00
- Last modified 14.01.2025 19:29:55
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code executio...
CVE-2008-5718
- EPSS 1.82%
- Published 26.12.2008 17:30:00
- Last modified 09.04.2025 00:30:58
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Titl...