Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3861 matches found

CVE
CVEadded 2025/09/09 2:32 p.m.18 views

CVE-2025-10107

TRENDnet TEW-831DR v1.0 (601.130.1.1410) contains a command-injection flaw in the /boafrm/formSysCmd function, triggered by manipulating the sysHost argument. This vulnerability can be exploited remotely and has public exploit disclosures. Several sources (including NVD/Red Hat CVE entries and PT...

5.8CVSS4.9AI score0.03861EPSS
Exploits0References4
NVD
NVDadded 2025/09/09 3:15 a.m.4 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS0.03986EPSS
Exploits1References6
OSV
OSVadded 2025/09/09 3:15 a.m.1 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS5.6AI score0.03986EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2025/09/09 2:32 a.m.2 views

CVE-2025-10123 D-Link DIR-823X set_static_leases sub_415028 command injection

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.03986EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/09/09 12:0 a.m.5 views

PT-2025-36565

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823X versions up to 250416 Description: A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the sub 415028 function of the /goform/set static leases file...

7.5CVSS7.4AI score0.03986EPSS
Exploits1References15
RedhatCVE
RedhatCVEadded 2025/09/05 11:23 p.m.9 views

CVE-2025-9934

A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...

6.5CVSS6.8AI score0.03738EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/09/05 11:23 p.m.8 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

7.5CVSS7.1AI score0.02997EPSS
Exploits1References1
NVD
NVDadded 2025/09/04 10:42 a.m.19 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

9.8CVSS0.02997EPSS
Exploits1References5
OSV
OSVadded 2025/09/04 10:42 a.m.7 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

9.8CVSS5.7AI score0.02997EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/09/03 11:2 p.m.17 views

CVE-2025-9935 TOTOLINK N600R cstecgi.cgi sub_4159F8 command injection

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

7.5CVSS0.02997EPSS
Exploits1References5
CVE
CVEadded 2025/09/03 11:2 p.m.17 views

CVE-2025-9935

The CVE-2025-9935 entry concerns TOTOLINK N600R version 4.3.0cu.7866_B20220506. The issue affects the function sub_4159F8 in /web_cste/cgi-bin/cstecgi.cgi, where manipulation can lead to a remote command injection. The exploit is publicly disclosed and may be utilized. Multiple connected sources ...

9.8CVSS7.3AI score0.02997EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2025/09/03 10:32 p.m.2 views

CVE-2025-9934 TOTOLINK X5000R cstecgi.cgi sub_410C34 command injection

A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...

6.5CVSS6.4AI score0.03738EPSS
Exploits1References6
CVE
CVEadded 2025/09/03 10:32 p.m.18 views

CVE-2025-9934

CVE-2025-9934 affects TOTOLINK X5000R 9.1.0cu.2415_B20250515. The vulnerability is in the function sub_410C34 of the file /cgi-bin/cstecgi.cgi, where manipulation of the pid argument can trigger a command injection. Remote exploitation is possible and the exploit has been made public. Multiple co...

9.8CVSS6.4AI score0.03738EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVEadded 2025/09/03 12:13 a.m.6 views

CVE-2025-9752

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.2AI score0.15815EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/09/03 12:0 a.m.7 views

PT-2025-35850

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2415 B20250515 Description: A command injection issue exists in the sub 410C34 function of the /cgi-bin/cstecgi.cgi file. Manipulation of the pid argument can lead to remote code execution. The exploit has been...

6.5CVSS7.1AI score0.03738EPSS
Exploits1References10
Positive Technologies
Positive Technologiesadded 2025/09/03 12:0 a.m.5 views

PT-2025-35851

Name of the Vulnerable Software and Affected Versions: TOTOLINK N600R version 4.3.0cu.7866 B20220506 Description: A vulnerability exists in the function sub 4159F8 of the file /web cste/cgi-bin/cstecgi.cgi that can lead to command injection. This issue can be exploited remotely. The exploit has...

7.5CVSS6.5AI score0.02997EPSS
Exploits1References9
RedhatCVE
RedhatCVEadded 2025/09/02 9:35 p.m.2 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS7.1AI score0.09746EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/09/02 11:35 a.m.5 views

CVE-2025-9727

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgimain of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

6.5CVSS6.5AI score0.04797EPSS
Exploits1References1
OSV
OSVadded 2025/09/01 1:15 a.m.3 views

CVE-2025-9752

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS5.6AI score0.15815EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/09/01 12:0 a.m.6 views

PT-2025-35457

Name of the Vulnerable Software and Affected Versions SkyBridge BASIC MB-A130 versions prior to 1.5.8 Description Improper neutralization of special elements used in an OS command 'OS Command Injection' exists in the software. If exploited, a remote unauthenticated attacker may execute arbitrary ...

9.8CVSS10AI score0.03214EPSS
Exploits0References12
Rows per page
Query Builder