77 matches found
CVE-2026-32833
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833 Cudy LT300 3.0 OS Command Injection via NTP Configuration
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833
CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...
PT-2026-52898
Name of the Vulnerable Software and Affected Versions Cudy LT300 3.0 versions prior to 2.5.12 Description Authenticated attackers can execute arbitrary commands on the underlying system by injecting shell metacharacters into the cbid.system.ntp.current POST parameter within the system time...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: of/fdt: Perform SOC memory setup when earlyinitdtscanmemory fails. If memory is found, earlyinitdtscanmemory now returns 1. If no memory is found, it returns 0, allowing other memory setup mechanisms to proceed. Previously,...
CVE-2026-4537
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
EUVD-2026-14277
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
CVE-2026-4537
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
CVE-2026-4537
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
CVE-2026-4537 Cudy TR1200 ipsec.lua action_ipsec_conn command injection
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
CVE-2026-4537
CVE-2026-4537 affects Cudy TR1200 firmware version R46-2.4.15-20250721-164017. The vulnerability lies in the Lua-based web UI controller at /usr/bin/lib/lua/luci/controller/ipsec.lua, within the function action_ipsec_conn. Exploitation involves command injection via manipulation of this function,...
CVE-2026-4537 Cudy TR1200 ipsec.lua action_ipsec_conn command injection
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
PT-2026-26968
A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function action ipsec conn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...
Cudy TR1200 命令注入漏洞
The Cudy TR1200 is a router produced by the Chinese company Cudy. The Cudy TR1200 R46-2.4.15-20250721-164017 version has a command injection vulnerability. This vulnerability stems from incorrect operations on the function actionipsecconn in the file /usr/bin/lib/lua/luci/controller/ipsec.lua,...
CVE-2023-31851
Cudy LT400 1.13.4 is has a cross-site scripting XSS vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter...
CVE-2023-31852
Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting XSS in cgi-bin/luci/admin/network/wireless/config via the iface parameter...
EUVD-2023-36141
Malicious code in bioql PyPI...
EUVD-2023-36142
Malicious code in bioql PyPI...
EUVD-2025-31483
Malicious code in bioql PyPI...