CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000 DCN DCME-320 Web Management Backend bridge_cfg.php apply_config command injection

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

CVE-2026-2000 affects DCN DCME-320 Web Management Backend. The vulnerability is in apply_config() handling of the ip_list argument in /function/system/basic/bridge_cfg.php, where manipulation leads to command injection. It is remotely exploitable and exploits have been published. Public reports (...

EUVD-2026-5693

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

DCN DCME-320 命令注入漏洞

DCN DCME-320 is an Internet exchange gateway router developed by China's DCN Technology Co., Ltd. Versions of DCN DCME-320 prior to 20260121 contained a command injection vulnerability. This vulnerability stemmed from incorrect operations with the parameter iplist in the function applyconfig with...

PT-2026-6684

Name of the Vulnerable Software and Affected Versions DCN DCME-320 versions up to 20260121 Description A flaw exists in the Web Management Backend component of DCN DCME-320. Specifically, manipulating the ip list argument within the apply config function of the /function/system/basic/bridge cfg.p...

CVE-2025-9387

A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ipblock.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate...

PT-2025-34563 · Unknown · Dcn Dcme-720

Name of the Vulnerable Software and Affected Versions: DCN DCME-720 version 9.1.5.11 Description: A vulnerability exists in DCN DCME-720 version 9.1.5.11 related to OS command injection. The issue is located in the Web Management Backend component, specifically within the file...

SAP Business Objects SQL注入漏洞

SAP Business Objects is a business intelligence suite from SAP Germany. An SQL injection vulnerability exists in SAP BusinessObjects Business Intelligence Platform versions 420 and 430, which can be exploited by an authenticated attacker to query and extract SQL backend data through the BI...

Linksys Smart Wi-Fi routers suffer from weak password vulnerability

Smart Wi-Fi is a router product from Linksys. Linksys Smart Wi-Fi routers have a weak password vulnerability that can be exploited by an attacker to directly log in to the router's management backend to control the device...

PT-2020-6168 · Packagekit +3 · Packagekit +3

Name of the Vulnerable Software and Affected Versions: PackageKit affected versions not specified Description: The issue is related to PackageKit's apt backend, which incorrectly treats all local debs as trusted. This is problematic because the apt security model relies on repository trust rather...

Weak Password Vulnerability in Huasan ER5200 Router

ER5200 is a high-performance Gigabit downstream router from H3C, which is targeted at the SMB market for Ethernet/fiber/ADSL access and network environments such as government, enterprise organizations, and Internet cafes. A weak password vulnerability exists in the H3C ER5200 router, which can b...

ZTE C520 Smart Camera Has Authentication Flaw Vulnerability

The ZTE C520 is a smart Wi-Fi watchdog camera. An authentication flaw vulnerability exists in the ZTE C520 smart camera. The vulnerability is due to the fact that the smart camera requires username and password authentication to log in and view images and parameter settings, while the...

Universal Password Login Vulnerability in Qiyu Technology Management System Backend

Shenyang Qiyu Tongchuang Technology Co., Ltd. is a service provider of website design and software development for enterprise and government type websites. There is a universal password login vulnerability in the backend of Qiyu Technology management system, and an attacker can log in to the syst...

Information Disclosure Vulnerability in IceFlow VPN Router

ICEFLOW VPN is a new generation of IPSEC-based Layer 3 intelligent router products developed by Shanghai Bingfeng Networks in response to the actual needs of modern enterprise and public utility users. There is an information leakage vulnerability in IceFlow VPN Router. Attackers can use the...