Lucene search
K

89 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/03 1:30 p.m.17 views

CVE-2026-7698

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

7.5CVSS6.9AI score0.01655EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/03 1:30 p.m.34 views

CVE-2026-7698

Tiandy Easy7 Integrated Management Platform 7.17.0 is affected by an os command injection in the /Easy7/rest/systemInfo/updateDbBackupInfo endpoint. The issue arises from manipulation of the argument week, enabling a remote attacker to execute commands on the affected system. Public exploit code ...

7.5CVSS6.9AI score0.01655EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.11 views

Tiandy Easy7 Integrated Management Platform 命令注入漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. The version 7.17.0 of Tiandy Easy7 Integrated Management Platform contains a command injection vulnerability. This vulnerability stems from an unknown functi...

7.5CVSS7.1AI score0.01655EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.12 views

PT-2026-36701

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

7.5CVSS6.9AI score0.01655EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.6 views

CVE-2026-4287

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-4221

A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This affects an unknown part of the file /rest/file/uploadLedImage of the component Endpoint. The manipulation of the argument File results in unrestricted upload. The attack may be launched remotely. The exploit has...

7.5CVSS6.6AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.4 views

CVE-2026-4289

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-4187

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Impacted is an unknown function of the file /WebService/UpdateLocalDevInfo.jsp of the component Device Identifier Handler. Such manipulation of the argument username/password leads to missing authentication. The...

6.9CVSS5.7AI score0.00514EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:6 p.m.4 views

CVE-2026-4288

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.3 views

CVE-2026-4585

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS6.8AI score0.03312EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/23 12:30 p.m.4 views

EUVD-2026-14410

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS5.5AI score0.03312EPSS
Exploits0References5
NVD
NVD
added 2026/03/23 12:16 p.m.7 views

CVE-2026-4585

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS0.03312EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/23 11:15 a.m.30 views

CVE-2026-4585 Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS0.03312EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/23 11:15 a.m.5 views

CVE-2026-4585 Tiandy Easy7 Integrated Management Platform Configuration ImportSystemConfiguration.jsp os command injection

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS5.5AI score0.03312EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/23 11:15 a.m.19 views

CVE-2026-4585

A vulnerability has been found in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp of the component Configuration Handler. The manipulation of the argument File leads to os command...

10CVSS5.5AI score0.03312EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/23 11:15 a.m.28 views

CVE-2026-4585

Tiandy Easy7 Integrated Management Platform up to 7.17.0 is affected by CVE-2026-4585. The vulnerability resides in the Configuration Handler, specifically the file /Easy7/apps/WebService/ImportSystemConfiguration.jsp, where manipulation of the File argument leads to an OS command injection. The ...

10CVSS6.8AI score0.03312EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.12 views

Tiandy Easy7 Integrated Management Platform 操作系统命令注入漏洞

Tiandy Easy7 Integrated Management Platform is a comprehensive video surveillance management platform developed by Tiandy Company in China. Versions of Tiandy Easy7 Integrated Management Platform prior to 7.17.0 contained a vulnerability related to operating system command injection. This...

10CVSS7.3AI score0.03312EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/17 12:31 a.m.4 views

EUVD-2026-12529

A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.4 views

EUVD-2026-12531

A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The explo...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/17 12:31 a.m.10 views

EUVD-2026-12530

A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5
Rows per page
Query Builder