Lucene search
K

3874 matches found

CVE
CVE
added 2026/04/02 4:15 p.m.11 views

CVE-2026-5353

Trendnet TEW-657BRM version 1.00.1 contains a vulnerability in the ping_test function of /setup.cgi where manipulating the c4_IPAddr parameter leads to os command injection. Remote exploitation is possible; exploit code is public. The vendor notes the product is discontinued and out of support si...

8.8CVSS6.3AI score0.04778EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 3:45 p.m.18 views

CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...

6.5CVSS0.04457EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/02 3:45 p.m.5 views

CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection

A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...

6.5CVSS6.4AI score0.04457EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/02 3:31 p.m.6 views

EUVD-2026-18342

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.05698EPSS
Exploits1References13
NVD
NVD
added 2026/04/02 3:16 p.m.2 views

CVE-2026-5339

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

8.8CVSS0.05698EPSS
Exploits1References12
NVD
NVD
added 2026/04/02 2:16 p.m.4 views

CVE-2026-5338

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

7.2CVSS0.04353EPSS
Exploits1References5
NVD
NVD
added 2026/04/02 2:16 p.m.4 views

CVE-2026-5333

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

9.8CVSS0.02666EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/04/02 2:15 p.m.23 views

CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS0.05698EPSS
Exploits1References12
Vulnrichment
Vulnrichment
added 2026/04/02 2:15 p.m.1 views

CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.05698EPSS
Exploits1References12
ATTACKERKB
ATTACKERKB
added 2026/04/02 2:15 p.m.2 views

CVE-2026-5339

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...

5.8CVSS5.8AI score0.05698EPSS
Exploits1References12Affected Software1
CVE
CVE
added 2026/04/02 2:15 p.m.11 views

CVE-2026-5339

CVE-2026-5339 affects Tenda G103 1.0.0.5. The vulnerability is in the Setting Handler’s gpon.lua, function action_set_net_settings, where manipulating authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority enables command injection remotely. Public exploit av...

8.8CVSS5.8AI score0.05698EPSS
Exploits1References12Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/02 2:0 p.m.2 views

CVE-2026-5338

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

5.8CVSS5.6AI score0.04353EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/02 1:30 p.m.4 views

CVE-2026-5333 DefaultFuction Content-Management-System tools.php command injection

A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...

7.5CVSS6.8AI score0.02666EPSS
Exploits1References6
NVD
NVD
added 2026/04/02 12:16 p.m.3 views

CVE-2026-5327

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS0.0111EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/02 11:45 a.m.3 views

CVE-2026-5327 efforthye fast-filesystem-mcp index.ts handleGetDiskUsage command injection

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References6
CVE
CVE
added 2026/04/02 11:45 a.m.11 views

CVE-2026-5327

The CVE-2026-5327 vulnerability affects the project efforthye fast-filesystem-mcp up to version 3.5.1 , specifically the function handleGetDiskUsage in src/index.ts. The issue arises from a manipulation that enables remote command injection , with exploitation publicly released and a Proof-of-Con...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29806

A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpn connect of the file /setup.cgi. Executing a manipulation of the argument policy name can lead to os command injection. The attack can be executed remotely. The exploit has been published and ma...

6.5CVSS6.4AI score0.04778EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.3 views

PT-2026-29836

A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpn drop of the file /setup.cgi. The manipulation of the argument policy name leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to th...

6.5CVSS6.3AI score0.04778EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.10 views

PT-2026-29746

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action set system settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. T...

5.8CVSS5.6AI score0.04353EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29800

A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdb list leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used...

6.5CVSS6.4AI score0.04123EPSS
Exploits1References5
Rows per page
Query Builder