
25098 matches found

Vulnrichment
added 2026/04/09 7:45 p.m. | 1 view

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

CVSS 10 | AI score 7 | EPSS 0.01803 | Exploits 0 | References 5

Circl
added 2026/04/09 6:00 p.m. | 3 views

CVE-2026-21916

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-09 22:56:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj3vrfisrd2q |
| 2026-04-09 23:29:35+00:00 | seen | ... |

CVSS 7.3 | AI score 4.8 | EPSS 0.00129 | Exploits 0 | References 3

Circl
added 2026/04/09 6:00 p.m. | 1 view

CVE-2026-33778

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-09 23:29:35+00:00 | seen | Telegram/Kq2o4LPf2BGuBLl8KciQDld7X5AUdxQvsJMa5JmTWnsS0Y |
| 2026-04-10 01:21:54+00:00 | seen | ... |

CVSS 8.7 | AI score 4.8 | EPSS 0.00338 | Exploits 0 | References 5

Circl
added 2026/04/09 6:00 p.m. | 1 view

CVE-2026-33780

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-09 22:32:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj3ufqogbt2i... |

CVSS 7.1 | AI score 5.7 | EPSS 0.00173 | Exploits 0 | References 2

Circl
added 2026/04/09 6:00 p.m. | 4 views

CVE-2026-33782

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-09 22:38:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mj3ur3xgc32i |
| 2026-04-14 11:00:28+00:00 | seen | ... |

CVSS 8.7 | AI score 5.7 | EPSS 0.00288 | Exploits 0 | References 3

Circl
added 2026/04/09 6:00 p.m. | 1 view

CVE-2026-33783

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-14 11:00:28+00:00 | seen | ... |

CVSS 7.1 | AI score 5.7 | EPSS 0.0024 | Exploits 0 | References 2

Circl
added 2026/04/09 6:00 p.m. | 3 views

CVE-2026-33791

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410... |

CVSS 8.4 | AI score 5.7 | EPSS 0.00692 | Exploits 0 | References 1

Circl
added 2026/04/09 6:00 p.m. | 4 views

CVE-2026-33785

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-09 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities20260410 |
| 2026-04-09 23:30:01+00:00 | seen | Telegram/fYbHpIRyajg46wc34YKZkdOaluIkRtz5CIQtfv50yCWWzw |
| 2026-04-10 01:21:54+00:00 | seen | ... |

CVSS 8.8 | AI score 4.8 | EPSS 0.00138 | Exploits 0 | References 5

Snyk
added 2026/04/09 3:31 a.m. | 7 views

Arbitrary Command Injection

Overview: taskflow-ai is a TaskFlow AI - an intelligent PRD document parsing and task management assistant that supports multi-model AI collaboration and MCP editor integration, a CLI tool designed for development teams. Affected versions of this package are vulnerable to Arbitrary Command Injection via the terminalexecute process in src/mcp/server/handlers.ts. An attacker can execute arbitrary operating system commands by...

CVSS 6.5 | AI score 6.8 | EPSS 0.0111 | Exploits 0 | References 2

OSV
added 2026/04/09 3:31 a.m. | 3 views

GHSA-3XP3-PR8X-F755 Agions taskflow-ai vulnerable to os command injection in src/mcp/server/handlers.ts

A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown function of the file src/mcp/server/handlers.ts of the component terminalexecute. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. Upgrading ...

CVSS 6.3 | AI score 5.4 | EPSS 0.0111 | Exploits 0 | References 8

EUVD
added 2026/04/09 12:31 a.m. | 2 views

EUVD-2026-20771

parseusbs before 1.9 contains an OS command injection vulnerability where the volume listing path argument -v flag is passed unsanitized into an os.popen shell command with ls, allowing arbitrary command injection via crafted volume path arguments containing shell metacharacters. An attacker can...

CVSS 8.4 | AI score 6 | EPSS 0.0075 | Exploits 0 | References 5

CNNVD
added 2026/04/09 12:00 a.m. | 9 views

TOTOLINK A7100RU operating system command injection vulnerability

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from an operation on the setWiFiBasicCfg function parameter “wifiOff...

CVSS 10 | AI score 7.3 | EPSS 0.02114 | Exploits 0 | References 5

CNNVD
added 2026/04/09 12:00 a.m. | 7 views

Juniper Networks Junos OS EX/QFX code issue vulnerability

Juniper Networks Junos OS EX/QFX is a type of switch produced by Juniper Networks. This product provides dedicated electrical signal pathways between any two network nodes that are connected as access switches. There were code-related vulnerabilities in versions of Juniper Networks Junos OS EX/QF...

CVSS 7.1 | AI score 5.8 | EPSS 0.00165 | Exploits 0 | References 1

Positive Technologies
added 2026/04/09 12:00 a.m. | 4 views

PT-2026-31806

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series versions prior to 21.2R3-S10, all versions of 21.3, versions 21.4 through 21.4R3-S12, all versions of 22.1, versions 22.2 through 22.2R3-S8, all versions of 22.4, versions 22.4 through 22.4R3-S9, version...

CVSS 8.7 | AI score 5.8 | EPSS 0.00331 | Exploits 0 | References 6

Positive Technologies
added 2026/04/09 12:00 a.m. | 2 views

PT-2026-31748

A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). If the authentication packet-type option is...

CVSS 7.1 | AI score 5.8 | EPSS 0.00195 | Exploits 0 | References 2

CNNVD
added 2026/04/09 12:00 a.m. | 5 views

TOTOLINK A7100RU operating system command injection vulnerability

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations performed by the setVpnPassCfg function in the...

CVSS 10 | AI score 7.3 | EPSS 0.15952 | Exploits 0 | References 5

Positive Technologies
added 2026/04/09 12:00 a.m. | 3 views

PT-2026-31750

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS). In an EVPN-MPLS...

CVSS 7.1 | AI score 6 | EPSS 0.00173 | Exploits 0 | References 2

Positive Technologies
added 2026/04/09 12:00 a.m. | 10 views

PT-2026-31801

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allows an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and QFX5k platforms configur...

CVSS 7.1 | AI score 6 | EPSS 0.00165 | Exploits 0 | References 3

CNNVD
added 2026/04/09 12:00 a.m. | 8 views

MetaGPT operating system command injection vulnerability

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from operations on the getmimetype function in the metagpt/utils/common.py file, which could lead ...

CVSS 9.8 | AI score 7.1 | EPSS 0.02283 | Exploits 1 | References 7

CNNVD
added 2026/04/09 12:00 a.m. | 7 views

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved security vulnerability

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, a US-based company. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interfaces...

CVSS 7.1 | AI score 5.8 | EPSS 0.00173 | Exploits 0 | References 1