Lucene search
K

19 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-35546

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell...

9.8CVSS5.6AI score0.00587EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/17 9:31 p.m.9 views

EUVD-2026-23492

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell...

9.8CVSS5.9AI score0.00587EPSS
Exploits0References4
NVD
NVD
added 2026/03/25 3:16 p.m.3 views

CVE-2026-33268

Nanoleaf Lines 12.3.2 does not authenticate firmware file uploads. A remote, unauthenticated attacker can upload firmware files on the device and consume storage resources. Fixed in 12.3.6...

6.9CVSS0.0034EPSS
Exploits0References3
NVD
NVD
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4207

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...

9.8CVSS0.03774EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.7 views

CVE-2022-0715

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...

9.1CVSS6.9AI score0.05803EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.7 views

PT-2025-54244

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains an unauthenticated remote code execution issue due to a path traversal flaw in the firmware upload functionality. The upload.cgi script allows attackers t...

9.3CVSS8.1AI score0.01442EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.2 views

Generex UPS Adapter CS141 Improper Input Validation (CVE-2022-47189)

Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

9.1CVSS8.4AI score0.00853EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29804

Malware in sbrugna...

10CVSS9AI score0.00696EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-21124

Malicious code in bioql PyPI...

9CVSS8.6AI score0.0148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:59 a.m.7 views

CVE-2023-46574

An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...

9.8CVSS7.8AI score0.65412EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/02/05 7:23 a.m.6 views

CVE-2024-23630

An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed...

9CVSS7.7AI score0.0148EPSS
Exploits0References1
OSV
OSV
added 2024/01/11 9:15 a.m.6 views

CVE-2023-52031

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the UploadFirmwareFile function...

9.8CVSS5.9AI score0.01544EPSS
Exploits1References1
OSV
OSV
added 2024/01/08 5:15 a.m.5 views

CVE-2024-0297

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be initiated remotely. The...

9.8CVSS5.5AI score0.03834EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/04/13 12:0 a.m.8 views

CVE-2023-27748

BlackVue DR750-2CH LTE v.1.0122022.10.26 does not employ authenticity check for uploaded firmware. This can allow attackers to upload crafted firmware which contains backdoors and enables arbitrary code execution...

8.1AI score0.00735EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/03/31 12:0 a.m.15 views

PT-2023-15229 · Generex · Generex Ups Cs141

Name of the Vulnerable Software and Affected Versions: Generex UPS CS141 versions prior to 2.06 Description: The issue allows an attacker to upload a firmware file containing an incorrect configuration, disrupting the normal functionality of the device. Recommendations: For versions prior to 2.06...

9.1CVSS9.2AI score0.00853EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.4 views

Zigor Corporación ZGR TPS200 NG 代码问题漏洞

The Zigor Corporación ZGR TPS200 NG is a rectifier for battery chargers from the Spanish company Zigor Corporación. Capable of managing sealed lead-acid or lithium batteries for industrial applications, remote control for substations and remote control of cellular phones, as well as applications...

10CVSS8.3AI score0.00696EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/06 12:0 a.m.5 views

TOTOLINK NR1800X 操作系统命令注入漏洞

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK. designed to provide fast and easy deployment of NR fixed data services in homes and offices. A command injection vulnerability exists in TOTOLINK NR1800X version V9.1.0u.6279B20210910, which originates from t...

9.8CVSS7.8AI score0.01834EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.169 views

Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)

Exploit Title: Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass Config Upload Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.intelbras.com/ Software Link: http://en.intelbras.com.br/node/1033 Version: Intelbras Wireless N 150Mbps - WRN240 Tested on: linux,...

7.5CVSS7.6AI score0.0781EPSS
Exploits5
CNVD
CNVD
added 2017/08/03 12:0 a.m.2 views

Motorola MX011ANM File Upload Vulnerability

The Motorola MX011ANM is an Internet set-top box device from Motorola, U.S.A. The Xfinity XR11-20 Voice Remote is a voice remote control device.Comcast is a set of firmware developed by Comcast, U.S.A., that runs in devices such as gateways and modems. . A security vulnerability in the Comcast...

5.5CVSS7AI score0.00192EPSS
Exploits0References1
Rows per page
Query Builder