82 matches found
EUVD-2022-31780
Malicious code in bioql PyPI...
EUVD-2022-31775
Malicious code in bioql PyPI...
EUVD-2022-31783
Malicious code in bioql PyPI...
EUVD-2022-31782
Malicious code in bioql PyPI...
EUVD-2024-27366
Malicious code in bioql PyPI...
EUVD-2025-14395
Malicious code in bioql PyPI...
EUVD-2024-27368
Malicious code in bioql PyPI...
CVE-2022-27273
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the function sub12168. This vulnerability is triggered via a crafted packet...
PT-2025-20904 · Unknown · Cp-Xr-De21-S
Name of the Vulnerable Software and Affected Versions: CP-XR-DE21-S -4G Router Firmware version 1.031.022 Description: The issue concerns insecure protections for the UART console, allowing local attackers to connect via a serial connection, read the boot sequence, and reveal internal system...
CVE-2025-44039
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to the UART port via a serial connection, read all boot sequence, and revealing internal system details and sensitive...
D-Link G416 安全漏洞
The D-Link G416 is the AX1500 4G+ Smart Router launched by AUO in June 2025 and supports Wi-Fi 6, AI Smart Optimization and 4G LTE Cat 6 network with up to 300Mbps internet speed. The D-Link G416 suffers from a command injection remote code execution vulnerability that stems from the flup lfilena...
CVE-2024-2415
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2416
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2414
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2415
CVE-2024-2415 affects Movistar 4G router ES_WLD71-T1_v2.0.201820. Root cause is a command injection via an authenticated POST to the endpoint /cgi-bin/gui.cgi, allowing command execution inside the router. Impact is high (authenticated local command execution). Remediation/mitigation: apply vendo...
CVE-2024-2415 Command injection vulnerability in Movistar 4G router
Command injection vulnerability in Movistar 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an authenticated user to execute commands inside the router by making a POST request to the URL '/cgi-bin/gui.cgi'...
CVE-2024-2416
Movistar’s 4G router, ES_WLD71-T1_v2.0.201820, is affected by a Cross-Site Request Forgery vulnerability. The issue allows an attacker to force an authenticated user to perform unwanted actions in the web application. The CVE-2024-2416 entry, with CVSS v3.1 base score 6.5 (Privileges: None, User ...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...
CVE-2024-2416 Cross-Site Request Forgery vulnerability in Movistar 4G router
Cross-Site Request Forgery vulnerability in Movistar's 4G router affecting version ESWLD71-T1v2.0.201820. This vulnerability allows an attacker to force an end user to execute unwanted actions in a web application in which they are currently authenticated...