CVE-2026-9534

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

EUVD-2026-31796

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

CVE-2026-9532

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

PT-2026-43194

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an OS command injection vulnerability, which originates from an os command injection in the operation of the parameter webWlanIdx by the...

MiracleLinux 3 : tomcat5-5.5.23-0jpp.31.0.1.AXS3 (AXSA:2012-510:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-510:02 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Jav...

PT-2025-54180

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

PT-2025-53720

Name of the Vulnerable Software and Affected Versions Tenda W6-S version 1.0.0.4510 Description A stack-based buffer overflow exists in the R7websSsecurityHandler component of Tenda W6-S. The issue is located in the file /bin/httpd. Manipulation of the Cookie argument can trigger the overflow. Th...

EUVD-2025-28005

Malicious code in bioql PyPI...

CVE-2025-4371

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection...

CVE-2025-4371

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection...

CVE-2025-4371

CVE-2025-4371 affects Lenovo 510 FHD and Lenovo Performance FHD webcams. The issue arises from the devices’ firmware validation gap, which could let an attacker with physical access write arbitrary firmware updates over USB, enabling BadUSB-style control and potential persistence. The linked PT-2...

Lenovo 510 FHD和Lenovo Performance FHD 安全漏洞

Lenovo 510 FHD and Lenovo Performance FHD are both HD cameras from Lenovo China. A security vulnerability exists in the Lenovo 510 FHD and Lenovo Performance FHD that stems from a physical access that could lead to arbitrary firmware updates...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-510)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-510 advisory. A flaw has been found in Xen. An unprivileged guest can cause Denial of Service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-46838 A Null...

Navigate FDA 524b to get your medical cyber device to market

With amendment 524b officially enacted, medical devices across the United States and the globe are living under some new rules and procedures. You’re not alone if you are finding these new regulations a bit complex. Changes to business practices – particularly ones that involve millions of...

ch-510.com Improper Access Control vulnerability OBB-3795475

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2022-27545 · Tenda · Tenda W6-S

Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A stack overflow issue was discovered, which can be triggered via the linkEn parameter at the "/goform/setAutoPing" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, avoid using the...

PT-2022-27541 · Tenda · Tenda W6-S

Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A command injection issue was found in the tpi get ping output function at the "/goform/exeCommand" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, consider disabling the tpi get pi...

ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication Vulnerability

ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, and ZMM suffer from a missing authentication vulnerability. Versions below 8.88 ZEM500-510-560-760, ZEM600-800, ZEM720 and 15.00 ZMM200-220-210 are potentially affected. The ZKTeco time attendance device does not require authentication to use the web...

ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication

Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the database of employees and their credentials. Details ======= Product: ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM Affect...