3875 matches found
CVE-2023-0648
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2023-0649
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-0649
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2023-0646
CVE-2023-0646 affects dst-admin 1.5.0. The vulnerability arises from an unknown functionality in the file /home/cavesConsole where manipulation of the command argument enables remote command injection. Exploitation has been publicly disclosed. Multiple connected sources identify this as a remote-...
CVE-2023-0640
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical. Affected is an unknown function of the file ping.ccp of the component Web Interface. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2023-0638
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and ma...
CVE-2023-0638
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and ma...
PT-2023-16417 · Trendnet · Trendnet Tew-652Brp
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-652BRP version 3.04b01 Description: A critical issue has been found in the Web Interface component of the affected software, specifically in an unknown function of the file ping.ccp. This issue leads to command injection and can ...
CVE-2023-0611
A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file getset.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The...
Ruckus Networks 多款产品命令注入漏洞
Ruckus Networks Unleashed C110 is a wireless LAN product from Ruckus Networks, Inc. A security vulnerability exists in various RUCKUS Networks products that originates from a remote code execution command injection that alters and sets unauthorized "illegal region codes", resulting in the operati...
PT-2023-6856 · Delta · Delta Dx-3021
Name of the Vulnerable Software and Affected Versions: Delta DX-3021 versions prior to 1.24 Description: The webserver in Delta DX-3021 is vulnerable to command injection through the network diagnosis page. This issue could allow a remote unauthenticated user to add files, delete files, and chang...
PT-2023-3460 · Western Digital · My Cloud Os
Name of the Vulnerable Software and Affected Versions: My Cloud OS 5 versions prior to 5.26.300 Description: The issue is related to a lack of data cleaning measures at the management level in My Cloud OS, which can be exploited by a remote attacker to execute arbitrary commands. Specifically, it...
CVE-2021-4304
A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is...
CVE-2022-4643
A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...
VulnCheck KEV: CVE-2017-17105
Zivif PR115-204-P-RS V2.3.4.2103 and V4.7.4.2121 and possibly in-between versions web cameras are vulnerable to unauthenticated, blind remote command injection via CGI scripts used as part of the web interface, as demonstrated by a...
CVE-2022-4364
A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. Affected by this issue is some unknown functionality of the file palette.php of the component Web Service Handler. The manipulation of the argument palette leads to command injection. The attack is possible to be carried out...
PT-2022-26985 · Teledyne Flir · Teledyne Flir Ax8
Name of the Vulnerable Software and Affected Versions: Teledyne FLIR AX8 versions up to 1.46.16 Description: A critical vulnerability has been found in the Web Service Handler component of the affected software. The issue is related to an unknown function of the file palette.php, where the...
Teledyne FLIR AX8 操作系统命令注入漏洞
Teledyne FLIR AX8 is a series of thermal surveillance cameras from Teledyne FLIR USA. A command injection vulnerability exists in Teledyne FLIR AX8 version 1.46.16 and earlier, which stems from an unknown function in the palette.php file of its Web Service Handler component that operates on the...