Skip to main content

Stor2Rrd

5 CVEs product

Monthly

CVE-2021-42372 HIGH POC This Week

A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD GitHub
CVSS 3.1
8.8
EPSS
6.1%
CVE-2021-42371 CRITICAL Act Now

lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lpar2Rrd Stor2Rrd
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-42370 HIGH This Week

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lpar2Rrd Stor2Rrd
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-24032 CRITICAL Act Now

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD
CVSS 3.1
9.8
EPSS
5.4%
CVE-2019-19041 HIGH POC This Week

An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD GitHub
CVSS 3.1
7.2
EPSS
2.0%
EPSS 6% CVSS 8.8
HIGH POC This Week

A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7.30 allows authenticated remote attackers to execute arbitrary shell commands as the user running the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lpar2Rrd Stor2Rrd
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

A password mismanagement situation exists in XoruX LPAR2RRD and STOR2RRD before 7.30 because cleartext information is present in HTML password input fields in the device properties. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Lpar2Rrd Stor2Rrd
NVD GitHub
EPSS 5% CVSS 9.8
CRITICAL Act Now

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD
EPSS 2% CVSS 7.2
HIGH POC This Week

An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as distributed in Xorux 2.41. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Lpar2Rrd Stor2Rrd
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy