Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19582 matches found

Cvelist
Cvelistadded 2026/01/26 11:32 p.m.30 views

CVE-2026-1448 D-Link DIR-615 Web Management wiz_policy_3_machine.php os command injection

A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wizpolicy3machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotel...

8.6CVSS0.05258EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/01/26 11:32 p.m.4 views

CVE-2026-1448 D-Link DIR-615 Web Management wiz_policy_3_machine.php os command injection

A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wizpolicy3machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotel...

8.6CVSS5.6AI score0.05258EPSS
Exploits1References5
CVE
CVEadded 2026/01/26 11:32 p.m.22 views

CVE-2026-1448

The CVE-2026-1448 entry concerns D-Link DIR-615 Web Management Interface up to version 4.10. The vulnerability lies in the /wiz_policy_3_machine.php file where manipulating the ipaddr argument enables operating system command injection. This allows remote initiation of an exploit, and multiple so...

8.6CVSS5.6AI score0.05258EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/01/26 11:32 p.m.3 views

CVE-2026-1448

A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wizpolicy3machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotel...

8.6CVSS5.6AI score0.05258EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/01/26 5:16 a.m.3 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

7.2CVSS5.6AI score0.15685EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/01/26 4:32 a.m.4 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15685EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2026/01/26 2:15 a.m.2 views

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

9.8CVSS5.7AI score0.02548EPSS
Exploits0References4
NVD
NVDadded 2026/01/26 2:15 a.m.4 views

CVE-2026-1413

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

9.8CVSS0.02548EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/26 2:2 a.m.4 views

CVE-2026-1414 Sangfor Operation and Maintenance Security Management System HTTP POST Request get_Information getInformation command injection

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/getInformation of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead...

6.5CVSS5.6AI score0.04051EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/01/26 2:2 a.m.5 views

CVE-2026-1414

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/getInformation of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lead...

6.5CVSS5.6AI score0.04051EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/01/26 2:2 a.m.11 views

CVE-2026-1414

CVE-2026-1414 affects Sangfor Operation and Maintenance Security Management System (up to version 3.0.12). The vulnerability resides in the HTTP POST Request Handler for /equipment/get_Information, where tampering with the fortEquipmentIp argument can trigger a command injection. The issue can be...

9.8CVSS6.5AI score0.04051EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/26 1:32 a.m.3 views

CVE-2026-1413 Sangfor Operation and Maintenance Security Management System HTTP POST Request port_validate portValidate command injection

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

6.5CVSS5.6AI score0.02548EPSS
Exploits0References4
EUVD
EUVDadded 2026/01/26 1:32 a.m.5 views

EUVD-2026-4687

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

6.5CVSS5.6AI score0.02548EPSS
Exploits0References4
CVE
CVEadded 2026/01/26 1:32 a.m.11 views

CVE-2026-1413

Sangfor Operation and Maintenance Security Management System up to 3.0.12 contains a command injection in the HTTP POST Request Handler’s portValidate function, located in /fort/ip_and_port/port_validate. An attacker can remotely manipulate the port argument to execute arbitrary commands. Multipl...

9.8CVSS5.5AI score0.02548EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2026/01/26 1:15 a.m.4 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

9.8CVSS5.6AI score0.0359EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/01/26 1:2 a.m.1 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

7.5CVSS5.6AI score0.0359EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/01/26 1:2 a.m.11 views

CVE-2026-1412

Sangfor Operation and Maintenance Security Management System (up to version 3.0.12) is affected by a command injection in the HTTP POST Request Handler, specifically the /fort/audit/get_clip_img function. Exploiting manipulation of the frame/dirno argument enables remote code execution, with the ...

9.8CVSS7.3AI score0.0359EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/01/26 12:0 a.m.5 views

PT-2026-4722

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

5.8CVSS5.6AI score0.15685EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/01/26 12:0 a.m.3 views

PT-2026-4717

A vulnerability was determined in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This impacts the function getInformation of the file /equipment/get Information of the component HTTP POST Request Handler. Executing a manipulation of the argument fortEquipmentIp can lea...

6.5CVSS6.4AI score0.04051EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/01/26 12:0 a.m.8 views

PT-2026-6970

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security issue exists in the DDNS Service component of D-Link DIR-823X version 250416. The issue relates to the processing of the /goform/set ddns file. Manipulation of the ddnsType, ddnsDomainName,...

9CVSS5.7AI score0.04317EPSS
Exploits1References12
Rows per page
Query Builder