CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...

CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...

EUVD-2025-41282

Malicious code in dewanto-mendut23-sukiwir npm...

CVE-2021-41282

diagroutes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection...

CVE-2022-41282

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

QNAP QTS / QuTS hero Multiple Vulnerabilities in QTS, QuTS hero and QuTScloud (QSA-23-53)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-53 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

QNAP QTS Multiple Vulnerabilities (QSA-23-46, QSA-23-53)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

CVE-2023-41282

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

CVE-2023-41282

CVE-2023-41282 is an OS command injection affecting QNAP QTS, QuTS hero, and QuTScloud. The vulnerability could allow an authenticated administrator to execute commands via a network. Affected versions have been fixed in QTS 5.1.4.2596 build 20231128 and later, QuTS hero h5.1.4.2596 build 2023112...

CVE-2023-41282 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

CVE-2023-41282 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596...

CVE-2022-41282

creationtimestamp| type| source ---|---|--- 2022-12-13 18:22:04+00:00| seen| https://t.me/cibsecurity/54415...

CVE-2022-41282

A vulnerability has been identified in JT2Go All versions V14.1.0.6, Teamcenter Visualization V13.2 All versions V13.2.0.12, Teamcenter Visualization V13.3 All versions V13.3.0.8, Teamcenter Visualization V14.0 All versions V14.0.0.4, Teamcenter Visualization V14.1 All versions V14.1.0.6. The...

CVE-2022-41282

CVE-2022-41282 is an out-of-bounds read vulnerability in the CGM_NIST_Loader.dll used by Siemens JT2Go and Teamcenter Visualization. When parsing CGM files, an out-of-bounds read can allow code execution in the current process. Affected products and versions include JT2Go all versions before 14.1...

pfSense Remote Code Execution (CVE-2021-41282)

A remote code execution vulnerability exists in pfSense. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

pfSense Diag Routes Web Shell Upload

This module exploits an arbitrary file creation vulnerability in the pfSense HTTP interface CVE-2021-41282. The vulnerability affects versions use exploit/unix/http/pfsensediagrouteswebshell msf exploitpfsensediagrouteswebshell show targets ...targets... msf exploitpfsensediagrouteswebshell set...

pfSense 2.5.2 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense Diag Routes Web Shell Upload', 'Description' = %q This module exploits an arbitrary file creation vulnerability in the pfSense HTTP...

pfSense 2.5.2 Shell Upload Exploit

This Metasploit module exploits an arbitrary file creation vulnerability in the pfSense HTTP interface CVE-2021-41282. The vulnerability affects versions 2.5.2 and below and can be exploited by an authenticated user if they have the "WebCfg - Diagnostics: Routing tables" privilege. This module us...

CVE-2021-41282

creationtimestamp| type| source ---|---|--- 2022-03-03 21:29:29+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/pfsensediagrouteswebshell.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:40+00:00| see...

CVE-2021-41282

diagroutes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection...