EUVD-2026-30183

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restoreconfigsection fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

CVE-2026-22228

CVE-2026-22228 affects TP-Link Archer BE230 v1.2 prior to 1.2.4 Build 20251218 rel.70420. An authenticated user with high privileges can trigger a denial-of-service by restoring a crafted configuration file containing an excessively long parameter, causing the device to become unresponsive and re...

CVE-2025-59895

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

CVE-2025-59895

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

CVE-2025-59895 Remote denial-of-service (DoS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

CVE-2025-59895

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

CVE-2025-59895

CVE-2025-59895 affects Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. The vulnerability is a remote DoS in the configuration restore function caused by insufficient validation of user-supplied data, leading to an unresponsive service. In a successful scenario, the serv...

EUVD-2025-206494

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

PT-2026-5103

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

EUVD-2020-29041

Malware in sbrugna...

EUVD-2017-14363

Malware in sbrugna...

EUVD-2020-24868

Malware in sbrugna...

EUVD-2024-52265

Malicious code in bioql PyPI...

CVE-2021-20170

Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...

CVE-2024-54082

home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an administrative user...

CVE-2024-54082

home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an administrative user...

CVE-2024-54082

home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an administrative user...

CVE-2024-54082

The CVE-2024-54082 issue affects SHARP-driven home/router devices (home 5G HR02 and Wi‑Fi STATION SH-54C). It is an OS command injection in the configuration restore function that can allow an administrator to execute arbitrary commands with root privileges. Affected versions include home 5G HR02...