Lucene search
K

3872 matches found

NVD
NVD
added 2026/04/06 7:16 p.m.9 views

CVE-2026-5678

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS0.0114EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 6:45 p.m.38 views

CVE-2026-5678

CVE-2026-5678 affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerability is in the /cgi-bin/cstecgi.cgi function setScheduleCfg, where manipulating the mode argument enables an OS command injection. Exploitation can be performed remotely, and a public exploit is available. Impact...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 6:45 p.m.20 views

CVE-2026-5678 Totolink A7100RU cstecgi.cgi setScheduleCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS0.0114EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/06 6:30 p.m.20 views

CVE-2026-5677 Totolink A7100RU cstecgi.cgi CsteSystem os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS0.0114EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 6:30 p.m.3 views

CVE-2026-5677

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/06 3:17 p.m.4 views

CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS0.01721EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/04/06 2:15 p.m.5 views

CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS6.9AI score0.01721EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/06 3:27 a.m.3 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8CVSS6.1AI score0.01162EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/04/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-5663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file...

9.8CVSS6.8AI score0.01721EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.7 views

PT-2026-30751

A flaw has been found in Totolink A7100RU 7.4cu.2313 b20191024. The impacted element is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been published...

7.5CVSS6.8AI score0.01459EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.7 views

PT-2026-30750

A vulnerability was detected in Totolink A7100RU 7.4cu.2313 b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now...

7.5CVSS6.9AI score0.01459EPSS
Exploits0References6
NVD
NVD
added 2026/04/05 8:16 a.m.3 views

CVE-2026-5547

A vulnerability has been found in Tenda AC10 16.03.10.10multiTDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected...

8.8CVSS0.01908EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 7:15 a.m.2 views

CVE-2026-5547

A vulnerability has been found in Tenda AC10 16.03.10.10multiTDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected...

6.5CVSS5.6AI score0.01908EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/04/05 3:30 a.m.4 views

EUVD-2026-19014

A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function createsandboxandexecute of the file scrapegraphai/nodes/generatecodenode.py of the component GenerateCodeNode Component. The manipulation results in os command injection. The attack may be...

7.5CVSS6.2AI score0.01449EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 1:15 a.m.1 views

CVE-2026-5532

A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function createsandboxandexecute of the file scrapegraphai/nodes/generatecodenode.py of the component GenerateCodeNode Component. The manipulation results in os command injection. The attack may be...

7.5CVSS5.5AI score0.01449EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.3 views

PT-2026-30418

Name of the Vulnerable Software and Affected Versions Tenda AC10 version 16.03.10.10 multi TDE01 Description A remote OS command injection flaw exists in the formAddMacfilterRule function within the /bin/httpd file. This allows a remote attacker to execute arbitrary operating system commands on t...

8.8CVSS6.9AI score0.01908EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/04 11:30 p.m.26 views

CVE-2026-5528 MoussaabBadla code-screenshot-mcp HTTP os command injection

A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This affects an unknown part of the component HTTP Interface. Such manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may...

6.5CVSS0.01455EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/04 11:30 p.m.2 views

CVE-2026-5528

A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This affects an unknown part of the component HTTP Interface. Such manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may...

6.5CVSS5.4AI score0.01455EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/04 11:30 p.m.2 views

CVE-2026-5528 MoussaabBadla code-screenshot-mcp HTTP os command injection

A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This affects an unknown part of the component HTTP Interface. Such manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may...

6.5CVSS6.2AI score0.01455EPSS
Exploits0References4
CVE
CVE
added 2026/04/04 11:30 p.m.29 views

CVE-2026-5528

The CVE-2026-5528 entry concerns MoussaabBadla code-screenshot-mcp (up to version 0.1.0) with a vulnerability in an unknown part of its HTTP Interface that enables os command injection. The description indicates remote exploitation, and that the exploit has been publicly disclosed; the vendor was...

6.5CVSS6.2AI score0.01455EPSS
Exploits0References4
Rows per page
Query Builder