3868 matches found
PT-2026-25567
A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...
PT-2026-25572
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS Get Update...
PT-2026-25570
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...
PT-2026-25571
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi...
PT-2026-25538
A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete Mac list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit...
CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection
A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...
PT-2026-25511
A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...
EUVD-2026-11145
A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This affects an unknown part of the file /webui/?aaaportalauthlocalsubmit. The manipulation of the argument suffix results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-3943 H3C ACG1000-AK230 aaa_portal_auth_local_submit command injection
A vulnerability was found in H3C ACG1000-AK230 up to 20260227. This affects an unknown part of the file /webui/?aaaportalauthlocalsubmit. The manipulation of the argument suffix results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-3943
CVE-2026-3943 affects H3C ACG1000-AK230. The vulnerability is a remote command-injection in an unknown part of /webui/?aaa_portal_auth_local_submit caused by manipulation of the argument suffix. Exploitation is possible without authentication and can be executed remotely; exploit details are publ...
CVE-2026-23814
This CVE concerns a vulnerability in the AOS-CX CLI where command parameters can be exploited to inject malicious commands by a low-privileged, authenticated remote attacker. The issue is actionable via network access, with no user interaction required, and it affects the ability to maintain conf...
CVE-2026-23814 Authenticated Command Injection found in AOS-CX CLI Command
A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...
VulnCheck KEV: CVE-2025-8937
A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
Mageia: Security Advisory (MGASA-2026-0054)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-3798
A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public...
CVE-2026-3680
A security flaw has been discovered in RyuzakiShinji biome-mcp-server up to 1.0.0. Affected by this issue is some unknown functionality of the file biome-mcp-server.ts. Performing a manipulation results in command injection. The attack can be initiated remotely. The exploit has been released to t...
EUVD-2026-10290
A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...
CVE-2026-3798
A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...
CVE-2026-3798
A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...
CVE-2026-3798
A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...