Lucene search
K

3874 matches found

Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.14 views

PT-2026-41543

Name of the Vulnerable Software and Affected Versions kalcaddle Kodbox versions prior to 1.65 Description Command injection is possible via remote attack in the fileThumb Plugin. The issue exists within the parseVideoInfo function located in the...

6.5CVSS6.8AI score0.01182EPSS
Exploits0References6
NCSC
NCSC
added 2026/05/15 12:7 p.m.18 views

Vulnerabilities found in F5 BIG-IP and BIG-IQ products

F5 has identified several vulnerabilities in the BIG-IP and BIG-IQ products, including components such as iControl REST, iControl SOAP, TMOS Shell, Traffic Management Microkernel TMM, Configuration Utility, Advanced WAF, ASM, PEM, DNS, Access Policy Manager APM, and SSL Orchestrator. The...

9.1CVSS6.1AI score0.00886EPSS
Exploits0References41
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.9 views

CVE-2026-8344

A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

8.8CVSS6.4AI score0.03156EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.9 views

EUVD-2026-29964

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS5.5AI score0.00692EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 4:16 p.m.15 views

CVE-2026-34176

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS0.00692EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 2:12 p.m.9 views

CVE-2026-34176 Knowledge Appliance mode iControl REST vulnerability

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS5.5AI score0.00692EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.28 views

CVE-2026-34176 Knowledge Appliance mode iControl REST vulnerability

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.7CVSS0.00692EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40638

Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.2 F5 BIG-IP versions prior to 17.5.1.6 F5 BIG-IP versions prior to 21.0.0.2 Description When running in Appliance mode, an authenticated remote command injection exists in an undisclosed iControl REST endpoin...

8.7CVSS5.7AI score0.00692EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/12 2:21 p.m.9 views

CVE-2026-8272

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...

7.2CVSS5.5AI score0.05587EPSS
Exploits1References1
NVD
NVD
added 2026/05/12 10:16 a.m.13 views

CVE-2025-40947

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

7.7CVSS0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.12 views

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

8.8CVSS6.4AI score0.04807EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.10 views

CVE-2026-8191

A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This affects the function wifiregion of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might ...

8.8CVSS6.5AI score0.05344EPSS
Exploits1References1
NVD
NVD
added 2026/05/12 12:17 a.m.17 views

CVE-2026-8346

A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...

8.8CVSS0.03095EPSS
Exploits1References5
NVD
NVD
added 2026/05/11 11:20 p.m.34 views

CVE-2026-8345

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this issue is the function sub445E7C of the file /goform/singlePortForward. Such manipulation of the argument ipaddress leads to command injection. It is possible to launch the attack remotely. The...

8.8CVSS0.03156EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/11 11:15 p.m.5 views

CVE-2026-8346

A vulnerability was detected in D-Link DIR-816 1.10CNB05R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ipaddress results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...

6.5CVSS6.5AI score0.03095EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/05/11 10:22 p.m.18 views

CVE-2026-8344

A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

8.8CVSS0.03156EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/11 10:0 p.m.6 views

CVE-2026-8345

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this issue is the function sub445E7C of the file /goform/singlePortForward. Such manipulation of the argument ipaddress leads to command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.03156EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/05/11 10:0 p.m.18 views

EUVD-2026-29346

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this issue is the function sub445E7C of the file /goform/singlePortForward. Such manipulation of the argument ipaddress leads to command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.03156EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/11 9:30 p.m.7 views

CVE-2026-8344 D-Link DIR-816 formDMZ.cgi sub_445E7C command injection

A weakness has been identified in D-Link DIR-816 1.10CNB05R1B011D88210. Affected by this vulnerability is the function sub445E7C of the file /goform/formDMZ.cgi. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

6.5CVSS6.4AI score0.03156EPSS
Exploits1References5
CVE
CVE
added 2026/05/11 9:30 p.m.19 views

CVE-2026-8344

The CVE describes a command injection in D-Link DIR-816 running 1.10CNB05_R1B011D88210. The vulnerability is in the function sub_445E7C of /goform/formDMZ.cgi, enabling remote execution of arbitrary commands. Several connected sources confirm remote exploitability and public availability of explo...

8.8CVSS6.4AI score0.03156EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder