CVE-2021-1550

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper...

Zzzcms 操作系统命令注入漏洞

ZZZCMS zzzphp is a content management system CMS. A security vulnerability exists in Zzzcms prior to version 2.0.4. The vulnerability stems from the failure of a network system or product to properly filter special characters, commands, etc. during the execution of user input construction command...

Command injection

Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...

CVE-2020-21992

Inim Electronics SmartLiving SmartLAN/G/SI =6.x suffers from an authenticated remote command injection vulnerability. The issue exist due to the 'par' POST parameter not being sanitized when called with the 'testemail' module through web.cgi binary. The vulnerable CGI binary ELF 32-bit LSB...

Akuvox C315 Remote Command Injection Vulnerability

The Akuvox C315 is a 7-inch Android indoor monitor. A remote command injection vulnerability exists in the cfgdserver service in Akuvox C315 version 115.116.2613. An attacker can exploit this vulnerability by sending a payload to port 189 to inject and execute commands...

CVE-2021-31726

Akuvox C315 115.116.2613 allows remote command Injection via the cfgdserver service. The attack vector is sending a payload to port 189 default root 0.0.0.0...

CVE-2021-31726

Akuvox C315 115.116.2613 allows remote command Injection via the cfgdserver service. The attack vector is sending a payload to port 189 default root 0.0.0.0...

Command injection

Akuvox C315 115.116.2613 allows remote command Injection via the cfgdserver service. The attack vector is sending a payload to port 189 default root 0.0.0.0...

CVE-2021-31726

CVE-2021-31726 affects Akuvox C315 (7-inch Android indoor monitor). The cfgd_server service is vulnerable to remote command injection when a payload is sent to port 189 on 0.0.0.0, enabling arbitrary command execution. NVD cites CVSS v3.1 base score 9.8 (CRITICAL) with network access and no authe...

CVE-2021-31726

Akuvox C315 115.116.2613 allows remote command Injection via the cfgdserver service. The attack vector is sending a payload to port 189 default root 0.0.0.0...

CVE-2021-27708

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system...

NEC Aterm WF1200C 操作系统命令注入漏洞

The NEC Aterm WF1200C is a wireless router from Nippon Electric NEC. A security vulnerability exists in Aterm WF1200CR: version 1.3.2, version 1.3.3, and version 1.5.1, which allows remote users to execute arbitrary shell commands on the target system...

NEC Aterm WG2600HS 操作系统命令注入漏洞

The NEC Aterm WG2600HS is a wireless router from Nippon Electric NEC. Aterm WG2600HS: Version 1.5.1 contains a security vulnerability that could allow a remote attacker to execute arbitrary shell commands on the target system...

CVE-2021-26679

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying...

CVE-2020-2507

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3...

CVE-2020-35851

HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system...

CVE-2020-35851

HGiga MailSherlock is affected by CVE-2020-35851: a vulnerability where the product does not validate specific parameters properly, enabling remote command injection and arbitrary command execution. The issue is documented across multiple sources (e.g., CNVD-2021-06950, NVD, CVE lists) and is des...

CVE-2020-24634

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI Aruba Networks AP Management protocol UDP port 8211 of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility...

CVE-2020-24634

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI Aruba Networks AP Management protocol UDP port 8211 of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility...

WARNING — Critical Remote Hacking Flaws Affect D-Link VPN Routers

Some widely sold D-Link VPN router models have been found vulnerable to three new high-risk security vulnerabilities, leaving millions of home and business networks open to cyberattacks—even if they are secured with a strong password. Discovered by researchers at Digital Defense, the three securi...