CVE-2025-13799

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-13799

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-13798

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function apmacfilteradd of the file /sendorder.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The...

EUVD-2025-199941

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-13798 ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_add command injection

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function apmacfilteradd of the file /sendorder.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The...

CVE-2025-13798 ADSLR NBR1005GPEV2 send_order.cgi ap_macfilter_add command injection

A flaw has been found in ADSLR NBR1005GPEV2 250814-r037c. This affects the function apmacfilteradd of the file /sendorder.cgi. Executing manipulation of the argument mac can lead to command injection. The attack may be performed from remote. The exploit has been published and may be used. The...

CVE-2025-13797 ADSLR B-QE2W401 send_order.cgi parameterdel_swifimac command injection

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdelswifimac of the file /sendorder.cgi. Performing manipulation of the argument delswifimac results in command injection. The attack is possible to be carried out remotely. The exploit is...

CVE-2025-13797

The CVE-2025-13797 issue affects ADSLR B-QE2W401 (version 250814-r037c). The vulnerable component is the function parameter del_swifimac in /send_order.cgi, where manipulation enables remote command injection. Exploitation is publicly available and vendor has not responded. No specific patch/vers...

CVE-2025-13797 ADSLR B-QE2W401 send_order.cgi parameterdel_swifimac command injection

A vulnerability was detected in ADSLR B-QE2W401 250814-r037c. Affected by this issue is the function parameterdelswifimac of the file /sendorder.cgi. Performing manipulation of the argument delswifimac results in command injection. The attack is possible to be carried out remotely. The exploit is...

PT-2025-48403

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c that allows for remote command injection. The issue is located within the ap macfilter del function of the /send order.cgi file. Manipulation ...

PT-2025-48400

Name of the Vulnerable Software and Affected Versions ADSLR B-QE2W401 version 250814-r037c Description A command injection issue exists in ADSLR B-QE2W401 250814-r037c. Manipulation of the del swifimac parameter within the /send order.cgi file can lead to command execution. This attack can be...

📄 LG Simple Editor 3.21.0 Remote Command Injection

LG Simple Editor version 3.21.0 proof of concept remote command injection exploit. ============================================================================================================================================= | Title : LG Simple Editor 3.21.0 PHP Code Injection Vulnerability | |...

PT-2025-48401

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c. The issue is related to the ap macfilter add function within the /send order.cgi file. Manipulation of the mac argument can result in command...

EUVD-2025-199764

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...

CVE-2025-64127 Zenitel TCIV-3+ OS Command Injection

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely...

TRENDnet TEW-657BRM 安全漏洞

The TRENDnet TEW-657BRM is a WiFi router from TRENDnet. The TRENDnet TEW-657BRM suffers from a command injection vulnerability that is caused by a flaw in the setup.cgi binary file. An attacker can exploit this vulnerability to execute arbitrary operating system commands on the system...

CVE-2025-65202

CVE-2025-65202 affects TRENDnet TEW-657BRM firmware 1.00.1, with an authenticated remote OS command injection in the setup.cgi binary. The vulnerability is exploitable via HTTP parameters named “command”, “todo”, and “next_file,” allowing execution of arbitrary commands with root privileges. Curr...

VulnCheck KEV: CVE-2024-10915

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

CVE-2025-13562

A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerabili...

PT-2025-47856

Name of the Vulnerable Software and Affected Versions D-Link DIR-852 version 1.00 Description A flaw exists in the processing of the /gena.cgi file on the device. Manipulating the service argument can lead to command injection, allowing for remote execution of commands. The exploit is publicly...