57 matches found
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...
CVE-2023-3380
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...
WAVLINK WL-WN530H4 Command Injection Vulnerability
WAVLINK WL-WN530H4 is a high-performance USB wireless card from China RuiYin WAVLINK that supports 802.11ac dual-band Wi-Fi. WAVLINK WL-WN530H4 suffers from a command injection vulnerability, which originates from the failure of the pingtest function in adm.cgi to correctly filter pingIp paramete...
CVE-2025-44868
Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
PT-2025-18789 · Wavlink · Wavlink Wl-Wn530Hg4
Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN530H4 version 20220801 Description: The issue is related to a command injection vulnerability in the ping test function of the adm.cgi via the pingIp parameter. This allows attackers to execute arbitrary commands via a crafted...
CVE-2025-29226
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection vulnerability in the runtime.pingTest function via the pt"count" parameter...
EnGenius EWS356-FIT 安全漏洞
The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...
PT-2024-31500
Name of the Vulnerable Software and Affected Versions EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2 c1.9.51 Description The issue allows for OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During initial setup, the device creates an open unsecured...
DEBIAN-CVE-2024-46854
In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETHZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETHZLEN, ensuring nothing is leaked in the padding...
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...
PT-2024-25484 · Netis Systems · Netis-Systems Mex605
Name of the Vulnerable Software and Affected Versions: netis-systems MEX605 version 2.00.06 Description: The issue allows attackers to execute arbitrary OS commands via a crafted payload to the "ping test page". Recommendations: For netis-systems MEX605 version 2.00.06, consider restricting acces...
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...
CVE-2024-33793
CVE-2024-33793 affects netis-systems MEX605 v2.00.06. A crafted payload to the device’s ping test page allows attackers to execute arbitrary OS commands. Documented impact is arbitrary command execution with local attack vector, low privileges, no user interaction. No explicit exploitation detail...
CVE-2024-33793
netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page...
CVE-2023-3380
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...
Design/Logic Flaw
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...
CVE-2023-3380 Wavlink WN579X3 Ping Test adm.cgi injection
A vulnerability classified as critical has been found in Wavlink WN579X3 up to 20230615. Affected is an unknown function of the file /cgi-bin/adm.cgi of the component Ping Test. The manipulation of the argument pingIp leads to injection. It is possible to launch the attack remotely. The exploit h...
PT-2022-8677 · Optilink · Optilink Op-Xt71000N
Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N version V2.2 Description: The issue occurs due to unauthenticated remote code execution when an attacker passes arbitrary commands with an IP-ADDRESS using " | " to execute commands on "/diag tracert admin.asp" in the...
CVE-2021-28841
Null Pointer Dereference vulnerability in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service by sending a POST request to applycgi via an action pingtest without a pingipaddr key...