Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19582 matches found

OSV
OSVadded 2026/02/08 6:15 p.m.3 views

CVE-2026-2169

A vulnerability has been found in D-Link DWR-M921 1.1.50. This impacts an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

8.8CVSS5.6AI score
Exploits0References5
OSV
OSVadded 2026/02/08 6:15 p.m.2 views

CVE-2026-2168

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

8.8CVSS5.6AI score
Exploits0References5
CVE
CVEadded 2026/02/08 5:32 p.m.10 views

CVE-2026-2169

CVE-2026-2169 affects the D-Link DWR‑M921 (firmware 1.1.50). The vulnerability resides in the /boafrm/formLtefotaUpgradeFibocom component where manipulation of the fota_url argument enables command injection. It allows remote exploitation and has been publicly disclosed. Public documents do not p...

8.8CVSS6.4AI score0.02607EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/02/08 5:32 p.m.32 views

CVE-2026-2168 D-Link DWR-M921 formLtefotaUpgradeQuectel sub_419920 command injection

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

6.5CVSS0.02958EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 5:32 p.m.6 views

CVE-2026-2168

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

6.5CVSS6.4AI score0.02958EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/02/08 5:32 p.m.5 views

EUVD-2026-5781

A flaw has been found in D-Link DWR-M921 1.1.50. This affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

8.8CVSS5.4AI score0.02958EPSS
Exploits1References5
CVE
CVEadded 2026/02/08 5:32 p.m.10 views

CVE-2026-2168

D-Link DWR-M921 (firmware 1.1.50) is affected by CVE-2026-2168. The vulnerability lies in the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel, where manipulation of the fota_url argument enables command injection. The issue can be exploited remotely and an exploit has been publi...

8.8CVSS6.5AI score0.02958EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/02/08 5:15 p.m.5 views

CVE-2026-2163

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...

7.2CVSS5.7AI score0.05172EPSS
Exploits1References6
OSV
OSVadded 2026/02/08 5:15 p.m.3 views

CVE-2026-2167

A vulnerability was detected in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and m...

8.8CVSS5.6AI score0.02062EPSS
Exploits1References5
NVD
NVDadded 2026/02/08 5:15 p.m.9 views

CVE-2026-2163

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...

7.2CVSS0.05172EPSS
Exploits1References6
NVD
NVDadded 2026/02/08 5:15 p.m.7 views

CVE-2026-2167

A vulnerability was detected in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and m...

8.8CVSS0.02062EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 5:2 p.m.7 views

CVE-2026-2167

A vulnerability was detected in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and m...

6.5CVSS6.4AI score0.02062EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/02/08 5:2 p.m.5 views

EUVD-2026-5782

A vulnerability was detected in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and m...

8.8CVSS5.2AI score0.02062EPSS
Exploits1References5
CVE
CVEadded 2026/02/08 5:2 p.m.11 views

CVE-2026-2167

CVE-2026-2167 affects Totolink WA300 with firmware 5.2cu.7112_B20190227. The vulnerability lies in the setAPNetwork function in /cgi-bin/cstecgi.cgi where unfiltered Ipaddr input enables OS command injection. Exploitation can be performed remotely and public exploit exists. Multiple connected sou...

8.8CVSS6.4AI score0.02062EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2026/02/08 4:32 p.m.16 views

CVE-2026-2163

CVE-2026-2163: Affected product is D-Link DIR-600 up to firmware 2.15WWb02. The flaw resides in the ssdp.cgi code, where manipulation of HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID enables remote command injection. The issue is remotely exploitable over the network; the exploit is publicly availabl...

7.2CVSS5.1AI score0.05172EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/08 4:32 p.m.6 views

CVE-2026-2163 D-Link DIR-600 ssdp.cgi command injection

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS5.5AI score0.05172EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2026/02/08 4:32 p.m.8 views

CVE-2026-2163

A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS5.1AI score0.05172EPSS
Exploits1References6Affected Software1
NVD
NVDadded 2026/02/08 3:15 p.m.7 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS0.03916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 3:2 p.m.11 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/08 3:2 p.m.4 views

CVE-2026-2157 D-Link DIR-823X set_static_route_table sub_4175CC os command injection

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS5.3AI score0.03916EPSS
Exploits1References5
Rows per page
Query Builder