Lucene search
K

3875 matches found

Cvelist
Cvelist
added 2026/01/22 2:2 p.m.24 views

CVE-2026-1327 Totolink NR1800X POST Request cstecgi.cgi setTracerouteCfg command injection

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...

6.5CVSS0.02646EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/22 1:32 p.m.9 views

CVE-2026-1326

A weakness has been identified in Totolink NR1800X 9.1.0u.6279B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...

8.8CVSS6.4AI score0.03212EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/22 1:32 p.m.5 views

CVE-2026-1326 Totolink NR1800X POST Request cstecgi.cgi setWanCfg command injection

A weakness has been identified in Totolink NR1800X 9.1.0u.6279B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...

6.5CVSS5.5AI score0.03212EPSS
Exploits1References5
CVE
CVE
added 2026/01/22 1:32 p.m.20 views

CVE-2026-1326

Totolink NR1800X (firmware 9.1.0u.6279_B20210910) is affected by CVE-2026-1326. The vulnerability exists in the POST Request Handler’s /cgi-bin/cstecgi.cgi function setWanCfg, where manipulating the Hostname argument can trigger a command injection. The issue can be exploited remotely and the exp...

8.8CVSS5.5AI score0.03212EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/01/22 1:2 p.m.38 views

CVE-2026-1324

Summary: CVE-2026-1324 affects Sangfor Operation and Maintenance Management System (

9.8CVSS5.3AI score0.06437EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-3936

A weakness has been identified in Totolink NR1800X 9.1.0u.6279 B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...

6.5CVSS5.5AI score0.03212EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.10 views

PT-2026-3932

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Management System. This issue is related to the SessionController function within the SSH Protocol Handler...

9.8CVSS7.2AI score0.06437EPSS
Exploits1References10
VulnCheck KEV
VulnCheck KEV
added 2026/01/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2025-7407

A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

8.8CVSS5.5AI score0.083EPSS
In wildExploits1References6
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-3938

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279 B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...

6.5CVSS5.4AI score0.02646EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2026/01/22 12:0 a.m.14 views

VulnCheck KEV: CVE-2025-8829

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function umred of the file /goform/RPsetBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched...

8.8CVSS5.4AI score0.08257EPSS
In wildExploits1References6
RedhatCVE
RedhatCVE
added 2026/01/20 11:26 p.m.5 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS7.1AI score0.06123EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/20 11:24 a.m.6 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS6.4AI score0.0235EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : cups-filters-1.28.7-17.el9_4 (AXSA:2024-8862:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8862:03 advisory. cups-browsed: cups-browsed binds on UDP INADDRANY:631 trusting any packet from any source cups-filters: libcupsfilters: cfGetPrinterAttributes API...

9.8CVSS7.5AI score0.76959EPSS
Exploits16References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : cups-2.3.3op2-31.el9 (AXSA:2024-9124:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9124:11 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file Tenable has extracted the preceding description block directly from the...

9.8CVSS7.3AI score0.62474EPSS
Exploits5References2
OSV
OSV
added 2026/01/19 11:16 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.3CVSS5.7AI score0.06123EPSS
Exploits1References4
NVD
NVD
added 2026/01/19 11:16 p.m.6 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS0.06123EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.3AI score0.06123EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/01/19 11:2 p.m.16 views

CVE-2026-1192

CVE-2026-1192 affects Tosei Online Store Management System 1.01. The vulnerability is in an unknown function within /cgi-bin/imode_alldata.php where manipulating the DevId argument can cause remote command injection. Public exploit details exist; vendor was contacted but did not respond. Descript...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/01/19 11:15 a.m.5 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS5.7AI score0.0235EPSS
Exploits1References5
Rows per page
Query Builder