123 matches found

Prion
added 2021/02/17 2:15 p.m. · 10 views

Command injection

The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in the /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value...

7.7 CVSS · 8.2 AI score · 0.01109 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2021/02/17 1:29 p.m. · 51 views

CVE-2020-7848

The CVE-2020-7848 entry concerns the EFM ipTIME C200 IP Camera with a Command Injection flaw in /login.cgi?logout=1. An attacker can send a GET request to execute arbitrary OS commands via a crafted cookie value. CVSS data (2.0/3.1) indicates HIGH impact across confidentiality, integrity, and ava...

8 CVSS · 8.1 AI score · 0.01109 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Prion
added 2020/01/09 8:15 p.m. · 7 views

SQL injection

Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrutfaexclusions.cgi, (2)...

7.5 CVSS · 9.2 AI score · 0.04247 EPSS
Exploits: 7 · References: 5 · Affected Software: 1
NVD
added 2019/03/07 11:29 p.m. · 22 views

CVE-2019-6710

Zyxel NBG-418N v2 v1.00AAXM.4C0 devices allow login.cgi CSRF...

8.8 CVSS · 8.8 AI score · 0.02975 EPSS
Exploits: 5 · References: 3
Prion
added 2019/03/07 11:29 p.m. · 13 views

Cross-site request forgery (CSRF)

Zyxel NBG-418N v2 v1.00AAXM.4C0 devices allow login.cgi CSRF...

6.8 CVSS · 8.7 AI score · 0.02975 EPSS
Exploits: 5 · References: 3 · Affected Software: 1
CVE
added 2018/09/06 11:00 p.m. · 52 views

CVE-2018-6320

CVE-2018-6320 affects Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) where login.cgi improperly validates the http(s) Host header. Affected versions: PCS 8.1RX pre-8.1R12 and 8.3RX pre-8.3R2; PPS 5.2RX pre-5.2R9 and 5.4RX pre-5.4R2. The issue arises from trusting the Host header receive...

9.8 CVSS · 9.3 AI score · 0.04079 EPSS
Exploits: 0 · References: 1 · Affected Software: 3
Positive Technologies
added 2018/09/06 12:00 a.m. · 3 views

PT-2018-17475 · Pulse · Pulse Policy Secure +1

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure PCS versions 8.1RX through 8.1R11; Pulse Connect Secure PCS versions 8.3RX through 8.3R1; Pulse Policy Secure PPS versions 5.2RX through 5.2R8; Pulse Policy Secure PPS versions 5.4RX through 5.4R1. Description: A vulnerabilit...

9.8 CVSS · 9.5 AI score · 0.04079 EPSS
Exploits: 0 · References: 4
Openbugbounty
added 2018/07/29 5:57 p.m. · 7 views

bucksportal.com XSS vulnerability

Open Bug Bounty ID: OBB-655797. Affected Website: bucksportal.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...

Exploits: 0
0day.today
added 2017/07/20 12:00 a.m. · 91 views

Citrix CloudBridge - CAKEPHP Cookie Command Injection Vulnerability

Exploit for cgi platform in category web applications POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...

10 CVSS · 9.2 AI score · 0.72596 EPSS
Exploits: 4
exploitpack
added 2017/07/19 12:00 a.m. · 15 views

Citrix CloudBridge - CAKEPHP Cookie Command Injection

Citrix CloudBridge - CAKEPHP Cookie Command Injection POST /cgi-bin/login.cgi?redirect=/ HTTP/1.1 Host: 10.242.129.149 Accept: / Accept-Language: en User-Agent: Mozilla/5.0 compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0 Connection: close Referer:...

0.7 AI score
Exploits: 0
Positive Technologies
added 2017/06/11 12:00 a.m. · 2 views

PT-2017-2634 · D Link · D-Link Dir-615 Wireless N 300 Router

Name of the Vulnerable Software and Affected Versions: D-Link DIR-615 Wireless N 300 Router. Description: The issue is related to weaknesses in the authentication procedure of the router's firmware. It can be exploited by a remote attacker using a modified POST request to the "login.cgi" endpoint,...

10 CVSS · 9.7 AI score · 0.05073 EPSS
Exploits: 0 · References: 5
NVD
added 2017/05/21 4:29 a.m. · 13 views

CVE-2017-9100

login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt...

8.8 CVSS · 9 AI score · 0.85453 EPSS
Exploits: 1 · References: 3
CVE
added 2017/05/21 3:41 a.m. · 46 views

CVE-2017-9100

CVE-2017-9100 affects D-Link DIR-600M devices running firmware 3.04. The vulnerability is an authentication bypass in login.cgi that allows a remote attacker to bypass login by submitting more than 20 blank spaces in the password field during an admin login attempt. Impact is unauthenticated admi...

8.8 CVSS · 8.9 AI score · 0.85453 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
Cvelist
added 2017/05/21 3:41 a.m. · 20 views

CVE-2017-9100

login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt...

9 AI score · 0.85453 EPSS
Exploits: 1 · References: 3
Hacker One
added 2017/02/05 9:32 p.m. · 10 views

Ubiquiti Inc.: AirFibre products vulnerable to HTTP Header injection

The uri GET parameter of Login.cgi is directly used on login to generate HTTP headers without sanitisation. A user could be tricked into logging into the device and then redirected to a malicious location or attacked through other HTTP Header injection attacks. Vulnerable code: if isset$uri &&...

0.1 AI score
Exploits: 0
Exploit DB
added 2016/07/11 12:00 a.m. · 36 views

Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass

''' Exploit Title: Belkin Router AC1200, Firmware: 1.00.27 - Authentication Bypass Date: 5/11/2016 Exploit Author: Gregory Smiley Contact: [email protected] Vendor Homepage: http://www.belkin.com Version: Firmware: 1.00.27 Tested on:F9K1113 v1 1. Description: The Belkin AC1200 is vulnerable to...

7.4 AI score
Exploits: 0
NVD
added 2014/11/12 4:55 p.m. · 13 views

CVE-2014-1635

Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103WW1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter...

10 CVSS · 7.8 AI score · 0.6832 EPSS
Exploits: 8 · References: 7
Prion
added 2013/11/19 4:47 a.m. · 14 views

Authentication flaw

The D-Link DSL-2740B Gateway with firmware EU1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi...

7.6 CVSS · 7.7 AI score · 0.05367 EPSS
Exploits: 6 · References: 4
Cvelist
added 2013/11/15 8:00 p.m. · 18 views

CVE-2013-2271

The D-Link DSL-2740B Gateway with firmware EU1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.cgi...

7.1 AI score · 0.05367 EPSS
Exploits: 6 · References: 4
OpenVAS
added 2006/03/26 12:00 a.m. · 391 views

Community Link Pro webeditor login.cgi remote command execution

The remote host is running Community Link Pro, a web-based application written in Perl. The remote version of this software contains a flaw in the script 'login.cgi' which may allow an attacker to execute arbitrary commands on the remote host. OpenVAS Vulnerability Test $Id:...

7.5 CVSS · 0.5 AI score · 0.02299 EPSS
Exploits: 1