Lucene search
K

3873 matches found

Vulnrichment
Vulnrichment
added 2026/04/20 4:39 p.m.3 views

CVE-2026-22761

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

6.7CVSS6.1AI score0.01159EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/20 3:58 p.m.31 views

CVE-2026-23774

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker...

7.2CVSS0.0147EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/20 1:29 p.m.3 views

CVE-2026-3518 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'killsession' command...

8.4CVSS6.4AI score0.18238EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.7 views

PT-2026-33799

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.60 Description An OS command injection issue exists where...

7.2CVSS6AI score0.01191EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There are security vulnerabilities in versions 8.5 to 8.6 of the Dell PowerProtect Data Domain. These...

7.2CVSS6.1AI score0.01159EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/19 7:0 p.m.4 views

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5CVSS5.4AI score0.01456EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.10 views

PT-2026-33641

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

6.5CVSS5.4AI score0.01456EPSS
Exploits0References5
NVD
NVD
added 2026/04/17 11:16 a.m.6 views

CVE-2026-6483

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS0.14131EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/17 10:30 a.m.5 views

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS6.7AI score0.14131EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/17 10:30 a.m.95 views

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS0.14131EPSS
Exploits0References5
CVE
CVE
added 2026/04/17 10:30 a.m.16 views

CVE-2026-6483

CVE-2026-6483 affects Wavlink WL-WN530H4 (firmware 20220721). The flaw is in the strcat/snprintf usage in /cgi-bin/internet.cgi, enabling remote, unauthenticated command injection with high impact (confidentiality, integrity, availability). Exploitation is feasible over the network; public exploi...

8.6CVSS6.7AI score0.14131EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/17 9:31 a.m.5 views

EUVD-2026-23396

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 8:33 a.m.13 views

CVE-2026-23778

Affected product: Dell PowerProtect Data Domain with DD OS (Feature Release: 7.7.1.0–8.5; LTS2025: 8.3.1.0–8.3.1.20; LTS2024: 7.13.1.0–7.13.1.50). Issue: command injection vulnerability allowing a high-privilege, remote attacker to potentially gain root-level access. Impact: CVSS v3.1 base score ...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.8 views

Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain is a data protection specialized storage device whose main function is to provide efficient data de-duplication, backup and recovery. A command injection vulnerability exists in Dell PowerProtect Data Domain. The vulnerability stems from a failure of the Data Domain...

7.2CVSS5.8AI score0.0114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.9 views

PT-2026-33435

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

8.6CVSS5.5AI score0.14131EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.7 views

CVE-2026-6158

A flaw has been found in Totolink N300RH 6.1c.1353B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS5.5AI score0.01409EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/15 7:35 a.m.3 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8CVSS6.3AI score0.01162EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.3 views

CVE-2026-6108

A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/stepnode/mcpnode/impl/basemcpnode.py of the component Model Context Protocol Node. Performing a manipulation results in os command injection. The attack is...

6.5CVSS6.3AI score0.0132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:22 p.m.5 views

CVE-2026-6155

A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...

10CVSS7AI score0.01803EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/14 7:22 p.m.5 views

CVE-2026-5978

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be initiated remotely. Th...

10CVSS7AI score0.01766EPSS
Exploits0References1
Rows per page
Query Builder