19517 matches found
CVE-2026-8217
A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation of the argument troiaCode results in os command injection. The attack may be initiated remotely. T...
CVE-2026-8217 Industrial Application Software IAS Canias ERP RMI Runtime.getRuntime.exec os command injection
A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation of the argument troiaCode results in os command injection. The attack may be initiated remotely. T...
CVE-2026-8217
The CVE-2026-8217 entry concerns Industrial Application Software IAS Canias ERP 8.03. Affected is the Runtime.getRuntime.exec call within the RMI Interface; manipulating the troiaCode argument leads to OS command injection. The vulnerability can be triggered remotely, and public exploits exist. V...
PT-2026-39453
A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...
PT-2026-39435
Name of the Vulnerable Software and Affected Versions Industrial Application Software IAS Canias ERP version 8.03 Description A flaw in the RMI Interface component allows for remote OS command injection. This occurs through the manipulation of the troiaCode argument within the...
Wavlink NU516U1 命令注入漏洞
Wavlink NU516U1 is a wireless printing server developed by Wavlink Corporation. The Wavlink NU516U1 240425 version has a command injection vulnerability. This vulnerability stems from the OS command injection present in the function advance within the file/cgi-bin/wireless.cgi, when dealing with...
CVE-2026-8192
A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...
CVE-2026-8192
A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8191
A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This affects the function wifiregion of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might ...
CVE-2026-8189
A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...
CVE-2026-8190
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection
A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...
CVE-2026-8188
A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2026-8189 Wavlink NU516U1 adm.cgi wzdrepeater os command injection
A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...
CVE-2026-8189
A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...
CVE-2026-8188
The CVE-2026-8188 entries describe a vulnerability in Wavlink NU516U1 M16U1_V240425 where the change_wifi_password function in /cgi-bin/adm.cgi is exploitable via OS command injection. The issue stems from manipulating input parameters wl_channel, wl_Pass, or EncrypType, enabling remote execution...
EUVD-2026-28915
A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2026-8188
A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2026-3828
Some Hikvision switch products discontinued since December 2023 are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leadi...