Lucene search
K

415 matches found

EUVD
EUVD
added 2026/04/10 12:45 a.m.4 views

EUVD-2026-21272

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument laninfo can lead to os command injection. The attack may be performed from...

10CVSS6.9AI score0.01823EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/10 12:15 a.m.3 views

CVE-2026-5993 Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can be executed...

10CVSS7.1AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains an operating system command injection vulnerability. This vulnerability stems from the lack of proper validation in the handling of the laninfo parameter in...

10CVSS7.3AI score0.01823EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.5 views

FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/utils/common.py

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function getmimetype of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was...

9.8CVSS6.7AI score0.02283EPSS
Exploits1References8Affected Software1
EUVD
EUVD
added 2026/04/09 9:31 p.m.6 views

EUVD-2026-21049

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

7.5CVSS6.4AI score0.02328EPSS
Exploits1References7
EUVD
EUVD
added 2026/04/09 9:31 p.m.7 views

EUVD-2026-21074

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

10CVSS7AI score0.01803EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/09 8:0 p.m.32 views

CVE-2026-5976 Totolink A7100RU CGI cstecgi.cgi setStorageCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is possible to initiate th...

10CVSS0.01803EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/09 7:45 p.m.2 views

CVE-2026-5975 Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

10CVSS7AI score0.01803EPSS
Exploits0References5
OSV
OSV
added 2026/04/09 3:31 a.m.18 views

GHSA-3XP3-PR8X-F755 Agions taskflow-ai vulnerable to os command injection in src/mcp/server/handlers.ts

A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown function of the file src/mcp/server/handlers.ts of the component terminalexecute. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. Upgrading ...

6.3CVSS5.4AI score0.0111EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability stems from an operation on the setWiFiBasicCfg function parameter “wifiOff...

10CVSS7.3AI score0.02114EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/08 8:0 p.m.30 views

CVE-2026-5802 idachev mcp-javadc HTTP os command injection

A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP Interface. Such manipulation of the argument jarFilePath leads to os command injection. It is possible to launch the attack remotely. The exploit is publicly available and might...

7.5CVSS0.01651EPSS
Exploits0References6
NVD
NVD
added 2026/04/08 7:25 p.m.8 views

CVE-2026-30815

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...

8.5CVSS0.0116EPSS
Exploits0References8
CNVD
CNVD
added 2026/04/07 12:0 a.m.8 views

Endian Firewall DATE Parameter OS Command Injection Vulnerability

Endian Firewall is a network security firewall system from Endian. An operating system command injection vulnerability exists in the Endian Firewall DATE parameter, which stems from incomplete regular expression validation of the DATE parameter in /cgi-bin/logsids.cgi, and can be exploited by an...

8.8CVSS5.8AI score0.01222EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-30840

Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application...

5.9AI score0.01006EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/06 11:0 p.m.2 views

CVE-2026-5691 Totolink A7100RU cstecgi.cgi setFirewallType os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setFirewallType of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument firewallType leads to os command injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS5.6AI score0.01167EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 10:30 p.m.31 views

CVE-2026-5689 Totolink A7100RU cstecgi.cgi setNtpCfg os command injection

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now...

7.5CVSS0.01459EPSS
Exploits0References5
OSV
OSV
added 2026/04/06 5:49 p.m.4 views

GO-2026-4920 KubeAI: OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model pods in github.com/kubeai-project/kubeai

KubeAI: OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model pods in github.com/kubeai-project/kubeai...

8.8CVSS6.2AI score0.00448EPSS
Exploits3References1
Cvelist
Cvelist
added 2026/04/06 2:15 p.m.32 views

CVE-2026-5663 OFFIS DCMTK storescp storescp.cc executeOnEndOfStudy os command injection

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

7.5CVSS0.01721EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/06 3:45 a.m.1 views

CVE-2026-5619 Braffolk mcp-summarization-functions summarize_command mcp-server.ts os command injection

A flaw has been found in Braffolk mcp-summarization-functions up to 0.1.5. This impacts an unknown function of the file src/server/mcp-server.ts of the component summarizecommand. Executing a manipulation of the argument command can lead to os command injection. The attack requires local access...

5.3CVSS5.7AI score0.00694EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Summarization Functions 操作系统命令注入漏洞

Summarization Functions is an intelligent text summarization server developed by Braffolk’s individual developer. Versions of Summarization Functions prior to 0.1.5 had a vulnerability related to operating system command injection. This vulnerability stemmed from improper handling of the command...

5.3CVSS6.1AI score0.00694EPSS
Exploits0References4
Rows per page
Query Builder