CVE-2026-8265

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function getlogfile of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit...

PT-2026-39564

A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get log file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The explo...

EUVD-2026-10221

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument delflag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made publ...

PT-2026-20333

Name of the Vulnerable Software and Affected Versions Wavlink WL-NU516U1 versions up to 20251208 Description A flaw exists in Wavlink WL-NU516U1 that could allow for remote command injection. The issue is located in the singlePortForwardDelete function within the /cgi-bin/firewall.cgi file...

Sangfor Operation and Maintenance Security Management System Authorization Issues Vulnerabilities

The Sangfor Operation and Maintenance Security Management System is a security management system for operations and maintenance developed by Sangfor Corporation. Versions of the Sangfor Operation and Maintenance Security Management System 3.0.12 and earlier contained an authorization issue...

CVE-2025-11335

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub46409C of the file /mspinfo.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out...

EUVD-2020-10790

Malware in sbrugna...

CVE-2025-10963

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. Affected is the function sub4016F0 of the file /cgi-bin/firewall.cgi. The manipulation of the argument delflag results in command injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

CVE-2025-10963 Wavlink NU516U1 firewall.cgi sub_4016F0 command injection

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. Affected is the function sub4016F0 of the file /cgi-bin/firewall.cgi. The manipulation of the argument delflag results in command injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

CVE-2025-10963 Wavlink NU516U1 firewall.cgi sub_4016F0 command injection

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. Affected is the function sub4016F0 of the file /cgi-bin/firewall.cgi. The manipulation of the argument delflag results in command injection. It is possible to launch the attack remotely. The exploit has been released to the publ...

PT-2025-39441

Name of the Vulnerable Software and Affected Versions Wavlink NU516U1 M16U1 V240425 Description A security flaw exists in the Wavlink NU516U1 M16U1 V240425. The issue is due to command injection in the /cgi-bin/firewall.cgi file, specifically within the sub 4016F0 function. Manipulation of the de...

Wavlink NU516U1 命令注入漏洞

Wavlink NU516U1 is a wireless print server from China Ruiyin Wavlink. A command injection vulnerability exists in the Wavlink NU516U1 M16U1V240425 version, which stems from the incorrect manipulation of the parameter dmzflag of the function sub401778 in the file /cgi-bin/firewall.cgi, which could...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

D-Link DI-8200 安全漏洞

The D-Link DI-8200 is an enterprise router from China-based AUO D-Link. The D-Link DI-8200 suffers from a command injection vulnerability that stems from a remote command execution vulnerability in the flag parameter and cmd parameter of the mspinfohtm function. No details of the vulnerability ar...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

D-Link DI-8400 安全漏洞

The D-LINK DI-8400 is an American D-Link router device for home and small business network connectivity. Multiple remote command execution vulnerabilities exist in the mspinfohtm function in the D-LINK DI-8400 version v16.07.26A1 via the flag and cmd parameters. A remote attacker can exploit this...

CVE-2024-51151

CVE-2024-51151 affects the D-Link DI-8200 with firmware 16.07.26A1. The vulnerability is a remote command execution in the msp_info_htm function, exploitable via the flag parameter and the cmd parameter. The connected documents consistently describe this issue as a command injection/remotely expl...