EUVD-2009-4336

Malware in sbrugna...

EUVD-2023-58546

Malicious code in bioql PyPI...

EUVD-2023-28537

Malicious code in bioql PyPI...

OESA-2025-1952 iputils security update

The iputils package contains basic utilities for monitoring a network, including ping. The ping command sends a series of ICMP protocol ECHOREQUEST packets to a specified network host to discover whether the target machine is alive and receiving network traffic. Security Fixes: ping in iputils...

The vulnerability of the fromTraceroutGet() function (/goform/getTraceroute) in the Tenda O3 wireless access point software allows a intruder to execute arbitrary commands.

The vulnerability of the fromNetToolGet function in the file /goform/setPingInfo function of the Tenda O3 wireless access point software is related to the lack of measures to sanitize input data during the processing of the domain parameter. Exploiting this vulnerability allows a remote attacker ...

The vulnerability of the ping tool in the web interface of the microprogramming software for routing and switching platform RUGGEDCOM ROX series, MX (MX5000, MX5000RE) and RX (RX1400, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000), allows a hacker to execute arbitrary code.

The vulnerability of the ping tool in the web interface of the microprogramming software for routing and switching platform RUGGEDCOM ROX models series MX MX5000, MX5000RE and RX RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000 is related to the absence of a mechanism to...

The vulnerability of the ping tool in the web interface of the microprogramming software for routing and switching platform RUGGEDCOM ROX series, MX (MX5000, MX5000RE) and RX (RX1400, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000), allows a hacker to execute arbitrary code.

The vulnerability of the ping tool in the web interface of the microprogramming software for routing and switching platform RUGGEDCOM ROX models series MX MX5000, MX5000RE and RX RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000 is related to the absence of a mechanism to...

CVE-2023-24519

Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...

CVE-2025-32469

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.5, RUGGEDCOM ROX MX5000RE All versions V2.16.5, RUGGEDCOM ROX RX1400 All versions V2.16.5, RUGGEDCOM ROX RX1500 All versions V2.16.5, RUGGEDCOM ROX RX1501 All versions V2.16.5, RUGGEDCOM ROX RX1510 All versions V2.16.5...

CVE-2022-48580

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

VulnCheck KEV: CVE-2021-42912

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands...

CVE-2023-6304

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

CVE-2023-6304

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

Command injection

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

CVE-2023-6304

CVE-2023-6304 affects Tecno 4G Portable WiFi TR118 (TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830). The Ping Tool component’s /goform/goform_get_cmd_process exposes the url argument to OS command injection, allowing remote exploitation. Multiple sources indicate the vulnerability can be triggered...

CVE-2023-6304 Tecno 4G Portable WiFi TR118 Ping Tool goform_get_cmd_process os command injection

A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...

PT-2023-32604 · Tecno · Tecno 4G Portable Wifi Tr118

Name of the Vulnerable Software and Affected Versions: Tecno 4G Portable WiFi TR118 version TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830 Description: A critical issue has been identified, affecting the Ping Tool component, specifically the /goform/goform get cmd process file. The url argument is...

The vulnerability of microprogrammed software in Advantech EKI-1524, EKI-1522, and EKI-1521 industrial switches stems from the lack of protective measures for website structures. This allows attackers to perform cross-site scripting attacks.

The vulnerability of the microprogrammed software in Advantech EKI-1524, EKI-1522, and EKI-1521 industrial switches exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using the...

CVE-2022-48580

A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...

CVE-2023-4203

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...