105 matches found
PT-2024-14349 · Tenda · Tenda Ax1803
Name of the Vulnerable Software and Affected Versions: Tenda AX1803 version 1.0.0.1 Description: The issue is related to a stack overflow that can occur via the iptv.stb.port parameter in the setIptvInfo function. Recommendations: For Tenda AX1803 version 1.0.0.1, avoid using the iptv.stb.port...
CVE-2023-33268
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection blind...
CVE-2023-33268
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection blind...
PT-2023-24252 · Unknown · Dts Monitoring
Name of the Vulnerable Software and Affected Versions: DTS Monitoring version 3.57.0 Description: An issue was discovered in the SSL Certificate check function where the port parameter is vulnerable to OS command injection, specifically blind command injection. Recommendations: For DTS Monitoring...
DTS Monitoring Operating System Command Injection Vulnerability
DTS Monitoring is an information system monitoring platform from DTS Corporation. An operating system command injection vulnerability exists in DTS Monitoring version 3.57.0, which originates from the port parameter in the SSL certificate checking function being susceptible to operating system...
Command injection
D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection due to lax filtering of REMOTEPORT parameters...
CVE-2022-44843
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...
CVE-2022-44843
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...
Command injection
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...
PT-2022-27322 · Totolink · Totolink A7100Ru
Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 B20191024 Description: A command injection issue was found via the port parameter in the setting/setOpenVpnClientCfg function. This allows for potential command injection attacks. Recommendations: For...
CVE-2022-44843
TOTOlink A7100RU V7.4cu.2313B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function...
CVE-2022-44843
The CVE-2022-44843 entry applies to TOTOLINK A7100RU devices (firmware around V7.4cu.2313_B20191024). The vulnerability is a command injection in the OpenVPN client configuration routine, exploitable via the port parameter in the setting/setOpenVpnClientCfg function. CVSS 3.1 base score 9.8 (Impa...
CVE-2021-36668
URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App...
Druva 注入漏洞
Druva is a large-scale SaaS platform from US-based Druva, Inc. bringing the simplicity, scalability and security of the public cloud to enterprise data protection and management. A security vulnerability exists in Druva version 6.9.0 that stems from a URL injection vulnerability in the inSync...
CVE-2022-26641
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...
Design/Logic Flaw
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...
CVE-2021-37389
Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter...