CVE-2025-8825

The CVE-2025-8825 vulnerability affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (firmware up to 20250801). Root cause: manipulation of staticIp/staticNetmask in the RP_setBasicAuto function (/goform/RP_setBasicAuto) enables OS command injection. Exploitation can be performed remotely, a...

CVE-2025-8821

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RPsetBasic of the file /goform/RPsetBasic. The manipulation of the argument bssid leads to os command injection. The attack may be initiated remotely. The...

CVE-2025-8823

CVE-2025-8823 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801. The issue is in the function setDeviceName of /goform/setDeviceName, where manipulating the DeviceName argument leads to OS command injection. The vulnerability can be exploited remotely, and public proof-of-e...

CVE-2025-8823 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setDeviceName os command injection

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setDeviceName of the file /goform/setDeviceName. The manipulation of the argument DeviceName leads to os command injection. The attack can be...

CVE-2025-8821

CVE-2025-8821 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 series. Root cause: manipulation of the bssid argument in RP_setBasic (/goform/RP_setBasic) enables OS command injection. Vulnerable versions are listed up to 20250801. Exploitation may be initiated remotely; the exploit has ...

CVE-2025-8821 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasic os command injection

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RPsetBasic of the file /goform/RPsetBasic. The manipulation of the argument bssid leads to os command injection. The attack may be initiated remotely. The...

CVE-2025-8818

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipulation of the argument lanNetmask/lanIp leads to os command injection. The attack may be launched...

CVE-2025-8818 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setLan setDFSSetting os command injection

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipulation of the argument lanNetmask/lanIp leads to os command injection. The attack may be launched...

CVE-2025-8752

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

CVE-2025-8752 wangzhixuan spring-shiro-training add command injection

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

CVE-2025-8752

The CVE-2025-8752 entry concerns the wangzhixuan spring-shiro-training project (up to commit 94812c1fd8f7fe796c931f4984ff1aa0671ab562). The vulnerability is in the /role/add code path and is due to a command injection vulnerability. It is exploitable remotely and has been publicly disclosed. The ...

CVE-2025-8752 wangzhixuan spring-shiro-training add command injection

A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...

Exploit for CVE-2025-7769

CVE-2025-7769 – Remote Command Injection in mobileapi Des...

Tigo Energy CCA Command Injection

This repository contains a proof of concept exploit exploit for CVE‑2025‑7769, a critical remote command injection vulnerability found in Tigo Energy CCA appliances exposing the /cgi-bin/mobileapi endpoint...

Itemir M300 Wi-Fi Repeater 安全漏洞

The Itemir M300 Wi-Fi Repeater is a wireless repeater from China-based Itemir. A security vulnerability exists in the Itemir M300 Wi-Fi Repeater that stems from an uncleared passwd parameter, which could lead to an unauthenticated remote command injection attack...

Itemir M300 Wi-Fi Repeater 安全漏洞

The Itemir M300 Wi-Fi Repeater is a wireless repeater from Itemir China. A security vulnerability exists in the Itemir M300 Wi-Fi Repeater that stems from the time parameter not being cleaned, which could lead to an unauthenticated remote command injection attack...

PT-2025-32308 · Unknown · Agentuniverse

Name of the Vulnerable Software and Affected Versions: agentUniverse versions up to 0.0.18 Description: A critical issue exists in agentUniverse that allows for remote OS command injection. The issue affects the StdioServerParameters function within the MCPSessionManager/MCPTool/MCPToolkit...

Itemir M300 Wi-Fi Repeater 安全漏洞

The Itemir M300 Wi-Fi Repeater is a wireless repeater from China-based Itemir. A security vulnerability exists in the Itemir M300 Wi-Fi Repeater that stems from an uncleared ssid parameter, which could lead to an unauthenticated remote command injection attack...

CVE-2025-8652

Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2025-1739)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...