Lucene search
K

77 matches found

NVD
NVD
added last week6 views

CVE-2026-32833

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS0.0134EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added last week6 views

CVE-2026-32833

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References3
Cvelist
Cvelist
added last week30 views

CVE-2026-32833 Cudy LT300 3.0 OS Command Injection via NTP Configuration

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS0.0134EPSS
Exploits0References2
CVE
CVE
added last week11 views

CVE-2026-32833

CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.10 views

PT-2026-52898

Name of the Vulnerable Software and Affected Versions Cudy LT300 3.0 versions prior to 2.5.12 Description Authenticated attackers can execute arbitrary commands on the underlying system by injecting shell metacharacters into the cbid.system.ntp.current POST parameter within the system time...

8.8CVSS6.6AI score0.0134EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to proceed. Previously,...

5.5CVSS5.7AI score0.00187EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4537

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5AI score0.10296EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/22 6:30 a.m.4 views

EUVD-2026-14277

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5.6AI score0.10296EPSS
Exploits0References5
NVD
NVD
added 2026/03/22 5:16 a.m.6 views

CVE-2026-4537

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS0.10296EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/22 4:2 a.m.3 views

CVE-2026-4537

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5AI score0.10296EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/22 4:2 a.m.2 views

CVE-2026-4537 Cudy TR1200 ipsec.lua action_ipsec_conn command injection

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5AI score0.10296EPSS
Exploits0References4
CVE
CVE
added 2026/03/22 4:2 a.m.22 views

CVE-2026-4537

CVE-2026-4537 affects Cudy TR1200 firmware version R46-2.4.15-20250721-164017. The vulnerability lies in the Lua-based web UI controller at /usr/bin/lib/lua/luci/controller/ipsec.lua, within the function action_ipsec_conn. Exploitation involves command injection via manipulation of this function,...

5.8CVSS5AI score0.10296EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/22 4:2 a.m.41 views

CVE-2026-4537 Cudy TR1200 ipsec.lua action_ipsec_conn command injection

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS0.10296EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/22 12:0 a.m.10 views

PT-2026-26968

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action ipsec conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5.6AI score0.10296EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/22 12:0 a.m.5 views

Cudy TR1200 命令注入漏洞

The Cudy TR1200 is a router produced by the Chinese company Cudy. The Cudy TR1200 R46-2.4.15-20250721-164017 version has a command injection vulnerability. This vulnerability stems from incorrect operations on the function actionipsecconn in the file /usr/bin/lib/lua/luci/controller/ipsec.lua,...

5.8CVSS5.8AI score0.10296EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.5 views

CVE-2023-31851

Cudy LT400 1.13.4 is has a cross-site scripting XSS vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter...

6.1CVSS5.8AI score0.00432EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.5 views

CVE-2023-31852

Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting XSS in cgi-bin/luci/admin/network/wireless/config via the iface parameter...

6.1CVSS6.3AI score0.00603EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-36141

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00432EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-36142

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00603EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31483

Malicious code in bioql PyPI...

4.8CVSS4AI score0.00246EPSS
Exploits0References5
Rows per page
Query Builder