Lucene search
+L

57 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:59 a.m.7 views

CVE-2024-33793

netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...

5.3CVSS7.8AI score0.00313EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.5 views

CVE-2023-3380

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...

9.8CVSS7.3AI score0.0388EPSS
Exploits1References1
CNVD
CNVD
added 2025/05/14 12:0 a.m.7 views

WAVLINK WL-WN530H4 Command Injection Vulnerability

WAVLINK WL-WN530H4 is a high-performance USB wireless card from China RuiYin WAVLINK that supports 802.11ac dual-band Wi-Fi. WAVLINK WL-WN530H4 suffers from a command injection vulnerability, which originates from the failure of the pingtest function in adm.cgi to correctly filter pingIp paramete...

9.8CVSS7.3AI score0.02602EPSS
Exploits1References1
OSV
OSV
added 2025/05/02 3:15 p.m.5 views

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS6.1AI score0.02602EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/04/11 12:0 a.m.6 views

PT-2025-18789 · Wavlink · Wavlink Wl-Wn530Hg4

Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN530H4 version 20220801 Description: The issue is related to a command injection vulnerability in the ping test function of the adm.cgi via the pingIp parameter. This allows attackers to execute arbitrary commands via a crafted...

10CVSS7.7AI score0.02602EPSS
Exploits1References7
OSV
OSV
added 2025/03/21 5:15 p.m.4 views

CVE-2025-29226

In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt"count" parameter...

6.3CVSS5.8AI score0.00714EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.6 views

EnGenius EWS356-FIT 安全漏洞

The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...

9.8CVSS7.5AI score0.01068EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.6 views

PT-2024-31500

Name of the Vulnerable Software and Affected Versions EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2 c1.9.51 Description The issue allows for OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During initial setup, the device creates an open unsecured...

7.8CVSS7.7AI score0.34662EPSS
Exploits0References5
OSV
OSV
added 2024/09/27 1:15 p.m.5 views

DEBIAN-CVE-2024-46854

In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETHZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETHZLEN, ensuring nothing is leaked in the padding...

7.1CVSS6.3AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 5:15 p.m.24 views

CVE-2024-33793

netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...

5.3CVSS7.4AI score0.00313EPSS
Exploits1References1
OSV
OSV
added 2024/05/03 5:15 p.m.4 views

CVE-2024-33793

netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...

5.3CVSS6AI score0.00313EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/05/03 12:0 a.m.8 views

PT-2024-25484 · Netis Systems · Netis-Systems Mex605

Name of the Vulnerable Software and Affected Versions: netis-systems MEX605 version 2.00.06 Description: The issue allows attackers to execute arbitrary OS commands via a crafted payload to the "ping test page". Recommendations: For netis-systems MEX605 version 2.00.06, consider restricting acces...

5.3CVSS7.8AI score0.00313EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/05/03 12:0 a.m.13 views

CVE-2024-33793

netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...

7.7AI score0.00313EPSS
Exploits1References1
CVE
CVE
added 2024/05/03 12:0 a.m.77 views

CVE-2024-33793

CVE-2024-33793 affects netis-systems MEX605 v2.00.06. A crafted payload to the device’s ping test page allows attackers to execute arbitrary OS commands. Documented impact is arbitrary command execution with local attack vector, low privileges, no user interaction. No explicit exploitation detail...

5.3CVSS7.7AI score0.00313EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/05/03 12:0 a.m.33 views

CVE-2024-33793

netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...

7.6AI score0.00313EPSS
Exploits1References1
OSV
OSV
added 2023/06/23 10:15 a.m.8 views

CVE-2023-3380

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...

9.8CVSS5.4AI score0.0388EPSS
Exploits1References3
Prion
Prion
added 2023/06/23 10:15 a.m.22 views

Design/Logic Flaw

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...

5.8CVSS9.7AI score0.0388EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/23 9:31 a.m.24 views

CVE-2023-3380 Wavlink WN579X3 Ping Test adm.cgi injection

A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...

5.8CVSS10AI score0.0388EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.6 views

PT-2022-8677 · Optilink · Optilink Op-Xt71000N

Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N version V2.2 Description: The issue occurs due to unauthenticated remote code execution when an attacker passes arbitrary commands with an IP-ADDRESS using " | " to execute commands on "/diag tracert admin.asp" in the...

9.8CVSS8.5AI score0.41443EPSS
Exploits0References6
OSV
OSV
added 2021/08/10 7:15 p.m.5 views

CVE-2021-28841

Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to applycgi via an action pingtest without a pingipaddr key...

7.5CVSS5.8AI score0.00961EPSS
Exploits0References1
Rows per page
Query Builder