Lucene search
+L

11 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-308 CraftBeerPi 4 allows arbitrary code execution

URL GET parameter "logtime" utilized within the "downloadlog" function from "cbpi/httpendpoints/httpsystem.py" is subsequently passed to the "os.system" function in "cbpi/controller/systemcontroller.py" without prior validation allowing arbitrary code execution. This issue affects CraftBeerPi 4:...

9.8CVSS6.1AI score0.01139EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2026/02/20 12:0 a.m.6 views

The vulnerability of the /cgi-bin/DownloadLog file in the Web Management Interface component of the Tenda AC21 microprogramming router allows a hacker to gain unauthorized access to protected information.

The vulnerability of the /cgi-bin/DownloadLog file of the Web Management Interface component of the Tenda AC21 microprogramming system for routers is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access t...

5.3CVSS5.8AI score0.00521EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/09 1:23 p.m.16 views

CVE-2026-2147

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.1AI score0.00521EPSS
Exploits1References1
NVD
NVD
added 2026/02/08 10:15 a.m.8 views

CVE-2026-2147

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS0.00521EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/08 10:2 a.m.10 views

EUVD-2026-5802

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.4AI score0.00521EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/08 10:2 a.m.6 views

CVE-2026-2147

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.5AI score0.00521EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/08 10:2 a.m.7 views

CVE-2026-2147 Tenda AC21 Web Management DownloadLog information disclosure

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.4AI score0.00521EPSS
Exploits1References5
CVE
CVE
added 2026/02/08 10:2 a.m.17 views

CVE-2026-2147

CVE-2026-2147 affects Tenda AC21 16.03.08.16. The weakness is in the Web Management Interface, specifically the file /cgi-bin/DownloadLog, where manipulation can lead to information disclosure. The issue is exploitable remotely and exploitation is publicly available. Affected component, root caus...

6.9CVSS5.5AI score0.00521EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.9 views

Tenda AC21 访问控制错误漏洞

Tenda AC21 is a wireless router produced by the Chinese company Tenda. The Tenda AC21 version 16.03.08.16 has a vulnerability related to access control. This vulnerability stems from incorrect handling of the /cgi-bin/DownloadLog file, which may lead to information leakage...

6.9CVSS6.1AI score0.00521EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.13 views

PT-2026-6974

Name of the Vulnerable Software and Affected Versions Tenda AC21 version 16.03.08.16 Description A weakness exists in the Tenda AC21 device. This issue affects an unknown function within the Web Management Interface component, specifically related to the file /cgi-bin/DownloadLog. A manipulation ...

6.9CVSS5.2AI score0.00521EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.11 views

PT-2024-28526

Name of the Vulnerable Software and Affected Versions CraftBeerPi 4 versions 4.0.0.58 through 4.4.1.a1 Description The issue arises from the URL GET parameter logtime being utilized within the "downloadlog" function from "cbpi/http endpoints/http system.py". This parameter is subsequently passed ...

9.8CVSS6AI score0.01139EPSS
Exploits0References11
Rows per page
Query Builder