Wireshark MCP Server 命令注入漏洞

Wireshark MCP Server is a network packet capture and analysis tool developed by AG Personal Developers. Wireshark MCP Server has a command injection vulnerability, which stems from a issue with the quickcapture function in the pysharkmcp.py file. This vulnerability may lead to command injection v...

D-Link多款产品 命令注入漏洞

D-Link DNS-320, etc., are products of D-Link Corporation, a Chinese company. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-120 is a network storage adapter. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection...

CVE-2025-14094

A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendo...

EUVD-2020-5067

Malware in sbrugna...

EUVD-2020-18482

Malware in sbrugna...

Fortinet FortiDDoS-F Operating System Command Injection Vulnerability

Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...

Microsoft 365 Copilot BizChat 命令注入漏洞

Microsoft 365 Copilot BizChat is an AI chat software from Microsoft Corporation USA. Microsoft 365 Copilot BizChat suffers from a command injection vulnerability that stems from improper neutralization of special elements used in commands. An attacker exploiting the vulnerability could gain acces...

TencentOS Server 3: emacs (TSSA-2025:0199)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0199 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1629)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : emacs (EulerOS-SA-2025-1612)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands o...

Diviotec professional series 命令注入漏洞

Diviotec professional series is a series of professional video surveillance products from Diviotec Corporation, USA. A security vulnerability exists in Diviotec professional series, which is caused by arbitrary command injection and hard-coded passwords in the exposed web interface...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1507)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TOTOLINK CA300-PoE 安全漏洞

TOTOLINK CA300-PoE is a wireless access point from China's Gion Electronics TOTOLINK. TOTOLINK CA300-PoE suffers from a command injection vulnerability that stems from the msgprocess function Url parameter failing to correctly filter constructive command special characters, commands, etc., which...

TOTOLINK CPE CP900 安全漏洞

TOTOLINK CPE CP900 is an outdoor wireless CPE device from China Gion Electronics TOTOLINK. The TOTOLINK CPE CP900 suffers from a command injection vulnerability that stems from the setApRebootScheCfg function failing to correctly filter construct command special characters, commands, etc. No...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1353)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: emacs (CVE-2025-1244)

The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1244 advisory. - A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker...

TOTOLINK X5000R 安全漏洞

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "eMinute" parameter in setWiFiScheduleCfg failing to properly filter constructor special characters, commands, etc. The vulnerability can ...

Wellchoose Administrative Management System 操作系统命令注入漏洞

The Wellchoose Administrative Management System is an administrative management system from China Wellchoose. The Wellchoose Administrative Management System suffers from an operating system command injection vulnerability. A remote attacker could inject and execute arbitrary operating system...

QNAP QTS and QuTS hero operating system command injection vulnerability

QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...

CVE-2024-7700

A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the necessary privileges to inject arbitrary commands into the configuration, potentially allowing...