H3C Magic NX30 Pro 注入漏洞

H3C Magic NX30 Pro is a home router supporting WiFi6 3000M rate from China's Xinhua San H3C. It is used for home network coverage to provide high-speed and stable wireless network. An injection vulnerability exists in H3C Magic NX30 Pro V100R007 and earlier versions, which originates from a comma...

H3C多款产品 安全漏洞

H3C Magic NX30 Pro and others are products of China's Xinhua San H3C.H3C Magic NX30 Pro is a home router that supports WiFi6 3000M rate.H3C Magic NX15 is a router.H3C Magic NX400 is a router. A security vulnerability exists in several H3C products. The vulnerability stems from a command injection...

CVE-2025-2701

A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0. This vulnerability affects the function popen of the file /manager/network/portsetup.php. The manipulation of the argument SwitchVersion/SwitchWrite/SwitchIP/SwitchIndex/SwitchState leads to os command...

CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

FUJISOFT +F FS010M 操作系统命令注入漏洞

FUJISOFT +F FS010M is a wireless router from Fuji Software FUJISOFT Japan. An operating system command injection vulnerability exists in versions prior to FUJISOFT +F FS010M G20V2.0.11101, which stems from an OS command injection issue that could lead to a remote authenticated attacker executing...

cups security update

An update is available for cups. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Common UNIX Printing System CUPS provides a portable printing layer for Linu...

RLSA-2024:9470 Low: cups security update

The Common UNIX Printing System CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fixes: cups: libppd: remote command injection via attacker controlled data in PPD file For more details about the security issues, including the impact, a CVSS score,...

CVE-2024-48017

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code...

CVE-2024-26290 Authenticated Remote Command Injection affecting Avid NEXIS

Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance SDA+ on Linux allows code execution on underlying operating system with root permissions.This issue affects Avid NEXIS...

CVE-2025-2096

A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This vulnerability affects the function setRebootScheCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mode/week/minute/recHour leads to os command injection. The attack can be initiat...

CVE-2025-2094

A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launche...

QNAP Systems QuRouter 安全漏洞

QNAP Systems QuRouter is a router management system from China Weilian Technology QNAP Systems. A security vulnerability exists in QNAP Systems QuRouter that stems from command injection and could lead to a remote attacker executing arbitrary commands...

CVE-2025-1947

A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageController.java. The manipulation of the argument param leads to command injection. It is possible to initiate the attack remotely. The...

CVE-2025-1829

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024B20220329. It has been declared as critical. This vulnerability affects the function setMtknatCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument mtkhnatEnable leads to os command injection. The attack can be initiated...

CVE-2025-1800

A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function getipaddrdetails of the file /view/vpn/sxhvpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. Th...

PT-2025-8982

Name of the Vulnerable Software and Affected Versions Tuoshi/Dionlink LT15D 4G Wi-Fi devices version M7628NNxlSPv2xUI v1.0.1802.10.08 P4 Tuoshi/Dionlink LT21B devices version M7628xUSAxUIv2 v1.0.1481.15.02 P0 Description An issue allows a remote attacker with network access to exploit a command...

CVE-2025-1616

A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...

CVE-2025-1610

LB-LINK AC1900 Router 1.0.2 is affected by an OS command injection in the websGetVar function of /goform/set_blacklist. The vulnerability stems from manipulating the mac/enable parameter, potentially allowing remote exploitation. The CVE is supported by multiple sources (NVD, Red Hat, CVE lists) ...

PT-2025-7699 · Fiberhome · Fiberhome An5506-01A Onu Gpon Rp2511

Name of the Vulnerable Software and Affected Versions: FiberHome AN5506-01A ONU GPON RP2511 affected versions not specified Description: A critical issue has been found in the Diagnosis component of the affected software, where the manipulation of the Destination Address argument leads to os...

PT-2025-6919 · Synway · Synway Smg Gateway Management

Name of the Vulnerable Software and Affected Versions: Synway SMG Gateway Management Software up to 20250204 Description: A critical issue affects the processing of the file 9-12ping.php in Synway SMG Gateway Management Software. The manipulation of the retry argument leads to command injection...