PT-2026-6775

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in the D-Link DIR-823X version 250416. The issue is located in the Web Management Interface, specifically within the file /goform/set ac server. Manipulation of the ac server...

Digiever DS-2105 Pro - Command Injection

Digiever DS-2105 Pro 3.1.0.71-11 contains a command injection caused by unsanitized input in timetzsetup.cgi, letting attackers execute arbitrary commands remotely, exploit requires no authentication. id: CVE-2023-52163 info: name: Digiever DS-2105 Pro - Command Injection author: rajesh-social-te...

VulnCheck KEV: CVE-2025-14586

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible...

CVE-2026-1802

A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file luci\controller\api\zrMacClone.lua. The manipulation of the argument macType results in command injection. The attack may be launched remotely. The exploit has been released...

CVE-2026-1802 Ziroom ZHOME A0101 zrMacClone.lua macAddrClone command injection

A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file luci\controller\api\zrMacClone.lua. The manipulation of the argument macType results in command injection. The attack may be launched remotely. The exploit has been released...

CVE-2026-1802 Ziroom ZHOME A0101 zrMacClone.lua macAddrClone command injection

A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file luci\controller\api\zrMacClone.lua. The manipulation of the argument macType results in command injection. The attack may be launched remotely. The exploit has been released...

CVE-2026-1802

Summary (CVE-2026-1802) : Ziroom ZHOME A0101 (version 1.0.1.0) is affected by a command injection in the macAddrClone function from luci/controller/api/zrMacClone.lua, caused by unsafe handling of the macType argument. This enables remote exploitation as described in multiple sources. The exploit...

PT-2026-6060

Name of the Vulnerable Software and Affected Versions Ziroom ZHOME A0101 version 1.0.1.0 Description A security flaw exists in Ziroom ZHOME A0101. The issue is due to command injection resulting from the manipulation of the macType argument within the macAddrClone function located in the...

CVE-2026-1689

A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...

CVE-2026-1687

A weakness has been identified in Tenda HG10 USHG7HG9HG10re300001138enxpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...

CVE-2026-1624

A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2026-1625

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

EulerOS Virtualization 2.10.0 : emacs (EulerOS-SA-2026-1163)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted...

EulerOS Virtualization 2.10.1 : emacs (EulerOS-SA-2026-1112)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted...

CVE-2020-37027

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

CVE-2020-37027 Sickbeard 0.1 - Remote Command Injection

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

CVE-2020-37027 Sickbeard 0.1 - Remote Command Injection

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

CVE-2020-37027

Technical details (affected product/version, root cause, exploit info, and fixes) are not publicly provided in the connected documents. Monitor for updates and refer to official advisories for CVE-2020-37027.

CVE-2020-37027

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

CVE-2026-1601

A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument FileName can lead to command injection. The attack can be launched remotely. The exploit has been made...