75 matches found
EUVD-2025-9056
Malicious code in bioql PyPI...
EUVD-2024-54344
Malicious code in bioql PyPI...
EUVD-2025-9054
Malicious code in bioql PyPI...
EUVD-2025-9055
Malicious code in bioql PyPI...
EUVD-2024-54343
Malicious code in bioql PyPI...
EUVD-2024-54341
Malicious code in bioql PyPI...
EUVD-2024-54342
Malicious code in bioql PyPI...
NETGEAR WNR854T addmap_exec function command execution vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. A command execution vulnerability exists in the NETGEAR WNR854T version 1.5.2, which stems from the addmapexec function failing to properly filter constructor command special characters, commands, and more. An attacker can exploit this...
NETGEAR WNR854T parse_st_header function buffer overflow vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR WNR854T version 1.5.2, which is caused by the parsestheader function failing to properly validate the length of the input data, and can be exploited by a remote attacker to execute arbitra...
NETGEAR WNR854T get_email Function Command Execution Vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. A command execution vulnerability exists in the NETGEAR WNR854T version 1.5.2, which stems from the nvram parameter of the getemail function of the post.cgi file failing to correctly filter for constructed command special characters, commands...
NETGEAR WNR854T pppoe_peer_mac function command execution vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. A command execution vulnerability exists in the NETGEAR WNR854T version 1.5.2, which stems from the nvram parameter of the ppoepeermac function of the post.cgi file failing to correctly filter for constructed command special characters,...
NETGEAR WNR854T UPNP Service Buffer Overflow Vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. The NETGEAR WNR854T version 1.5.2 suffers from a buffer overflow vulnerability that originates from the UPNP service failing to properly validate the length of incoming data, which can be exploited by remote attackers to execute arbitrary cod...
NETGEAR WNR854T wan_hostname function command execution vulnerability
The NETGEAR WNR854T is a wireless router from NETGEAR. A command execution vulnerability exists in the NETGEAR WNR854T version 1.5.2, which stems from the nvram parameter of wanhostname failing to properly filter constructed command special characters, commands, and so on. An attacker can exploit...
CVE-2024-54806
Netgear WNR854T 1.5.2 North America is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface...
CVE-2024-54802
In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...
CVE-2024-54804
Netgear WNR854T 1.5.2 North America is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter wanhostname and forcing a reboot. This will result in command injection...
CVE-2024-54808
Netgear WNR854T 1.5.2 North America contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution...
CVE-2024-54809
Netgear Inc WNR854T 1.5.2 North America contains a stack-based buffer overflow vulnerability in the parsestheader function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take contr...
CVE-2024-54803
Netgear WNR854T 1.5.2 North America is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoepeermac and forcing a reboot. This will result in command injection...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...