72 matches found
CVE-2026-2168 D-Link DWR-M921 formLtefotaUpgradeQuectel sub_419920 command injection
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2026-2168 D-Link DWR-M921 formLtefotaUpgradeQuectel sub_419920 command injection
A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2026-1596
The CVE-2026-1596 entry affects D-Link DWR-M961 firmware 1.1.47, specifically the function sub_419920 in /boafrm/formLtefotaUpgradeQuectel. The vulnerability arises from manipulation of the fota_url argument, enabling remote command injection. Public exploitations exist, indicating potential in-t...
EUVD-2026-4953
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...
CVE-2022-26147
The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection...
CVE-2025-15192 D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection
A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...
EUVD-2021-18583
Malware in sbrugna...
EUVD-2024-52718
Malicious code in bioql PyPI...
EUVD-2024-52719
Malicious code in bioql PyPI...
EUVD-2024-52717
Malicious code in bioql PyPI...
EUVD-2023-30712
Malicious code in bioql PyPI...
EUVD-2021-32533
Malicious code in bioql PyPI...
CVE-2024-54982
An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. NOTE: Quectel disputes this because the issue is in the chipset supply chain and is not localized to one or more Quectel products...
CVE-2024-54984
An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier...
CVE-2024-37816
Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow...
CVE-2024-54983
An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a crafted NAS message...
CVE-2023-26921
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary commands via qlatfwd...
CVE-2021-31698
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectelhandlefumocfg input in atfwddaemon...
CVE-2021-45815
Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Scripting XSS vulnerability...
CVE-2024-54984
An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted NAS message. NOTE: this is disputed by the supplier...