19582 matches found
CVE-2026-2847
A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument IspName results in os command injection. The attack can be launched remotely. The explo...
CVE-2026-2823
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible to be...
CVE-2026-2846
A security vulnerability has been detected in UTT HiPER 520 1.7.7-160105. This impacts the function sub44D264 of the file /goform/formPdbUpConfig of the component Web Management Interface. The manipulation of the argument policyNames leads to os command injection. The attack can be initiated...
CVE-2026-2847
A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument IspName results in os command injection. The attack can be launched remotely. The explo...
CVE-2026-20761
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
CVE-2026-20761 EnOcean SmartServer IoT Command Injection
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
CVE-2026-20761
A vulnerability exists in EnOcean SmartServer IoT version 4.60.009 and prior, which would allow remote attackers, in the LON IP-852 management messages, to send specially crafted IP-852 messages resulting in arbitrary OS command execution on the device...
CVE-2026-2847 UTT HiPER 520 Web Management formReleaseConnect sub_44EFB4 os command injection
A vulnerability was detected in UTT HiPER 520 1.7.7-160105. Affected is the function sub44EFB4 of the file /goform/formReleaseConnect of the component Web Management Interface. The manipulation of the argument IspName results in os command injection. The attack can be launched remotely. The explo...
MAL-2026-951 Malicious code in printrables (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 062cd723b198a3d0af641a78b343642653fb80f4cbf527be765bb4e520cbd3ed Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
CVE-2026-2824
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote...
CVE-2026-2824
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote...
CVE-2026-2824 Comfast CF-E7 webmggnt mbox-config sub_441CF4 command injection
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote...
CVE-2026-2824
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote...
CVE-2026-2824 Comfast CF-E7 webmggnt mbox-config sub_441CF4 command injection
A flaw has been found in Comfast CF-E7 2.6.0.9. This affects the function sub441CF4 of the file /cgi-bin/mbox-config?method=SET§ion=pingconfig of the component webmggnt. Executing a manipulation of the argument destination can lead to command injection. The attack may be performed from remote...
CVE-2026-2823
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET§ion=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
CVE-2026-2823 Comfast CF-E7 webmggnt mbox-config sub_41ACCC command injection
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET§ion=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
CVE-2026-2823
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET§ion=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
CVE-2026-2823 Comfast CF-E7 webmggnt mbox-config sub_41ACCC command injection
A vulnerability was detected in Comfast CF-E7 2.6.0.9. The impacted element is the function sub41ACCC of the file /cgi-bin/mbox-config?method=SET§ion=ntptimezone of the component webmggnt. Performing a manipulation of the argument timestr results in command injection. The attack is possible t...
CVE-2026-2823
CVE-2026-2823 affects Comfast CF-E7 with firmware 2.6.0.9. The vulnerability lies in the webmgmt component, specifically the function sub_41ACCC in /cgi-bin/mbox-config?method=SET§ion=ntp_timezone, where manipulating the timestr argument results in a remote command-injection. The vulnerabilit...
CVE-2026-2670
A vulnerability was identified in Advantech WISE-6610 1.2.120251110. Affected is an unknown function of the file /cgi-bin/luci/admin/openvpnapply of the component Background Management. Such manipulation of the argument deletefile leads to os command injection. The attack can be executed remotely...