Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 3 days ago4 views

EUVD-2025-210078

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS5.4AI score0.00058EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 3 days ago7 views

PT-2026-47013

Name of the Vulnerable Software and Affected Versions NetMan version 204 Description NetMan contains a hard-coded backdoor account with the username and password eurek that provides administrative access. A remote, unauthenticated attacker can authenticate through the "/cgi-bin/login.cgi" endpoin...

9.8CVSS5.4AI score0.00058EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/08 3:31 p.m.8 views

EUVD-2022-55966

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

9.2CVSS6.6AI score0.00213EPSS
Exploits0References4
NVD
NVDadded 2026/05/08 1:16 p.m.7 views

CVE-2022-50994

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

9.2CVSS0.00213EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.4 views

DrayTek Vigor 2960 操作系统命令注入漏洞

The DrayTek Vigor 2960 is a router product developed by DrayTek Corporation. Versions prior to 1.5.1.4 of the DrayTek Vigor 2960 contained an operating system command injection vulnerability. This vulnerability stemmed from issues with OS command injection in the CGI login processing mechanism. I...

9.2CVSS6.4AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/02/16 12:0 a.m.4 views

PT-2026-8301

Name of the Vulnerable Software and Affected Versions Wavlink WL-WN579A3 versions up to 20210219 Description A command injection issue exists in the file /cgi-bin/login.cgi. Manipulating the key argument can allow for remote code execution. The vulnerability has been publicly disclosed. The vendo...

6.5CVSS6.6AI score0.00412EPSS
Exploits1References9
BDU FSTEC
BDU FSTECadded 2024/11/14 12:0 a.m.1 views

The vulnerability of the /cgi/login file in the Administration Panel of Tp-Link MR200 wireless access points allows a intruder to cause a service failure.

The vulnerability of the /cgi/login file in the Administration Panel of Tp-Link MR200 wireless access points is related to the manipulation of the null pointer. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

7.8CVSS0.00973EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder