19585 matches found
CVE-2025-64993
Summary: CVE-2025-64993 affects TeamViewer DEX (formerly 1E DEX). The issue is a command-injection in the 1E-ConfigMgrConsoleExtensions instructions caused by improper input validation. Impact: authenticated attackers with Actioner privileges can inject arbitrary commands, enabling remote executi...
EUVD-2025-202672
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior V25. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...
CVE-2025-64991
CVE-2025-64991 describes a command injection vulnerability in TeamViewer DEX (formerly 1E DEX). The issue occurs in the 1E-PatchInsights-Deploy instruction before V15 due to improper input validation, enabling authenticated attackers with Actioner privileges to inject arbitrary commands and poten...
EUVD-2025-202673
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...
CVE-2025-64990 Command Injection in 1E-Explorer-TachyonCore-LogoffUser Instruction
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...
EUVD-2025-202675
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands...
CVE-2025-64988 Command Injection in 1E-Nomad-GetCmContentLocations Instruction
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Metasploit Module CVE-2025-55182 BETA A robus...
EUVD-2025-202644
A weakness has been identified in EFM ipTIME A3004T 14.19.0. This vulnerability affects the function showdebugscreen of the file /sess-bin/timepro.cgi of the component Administrator Password Handler. This manipulation of the argument aaksjdkfj with the input !@dnjsrureljrm& causes command...
CVE-2025-14485
CVE-2025-14485 affects EFM ipTIME A3004T 14.19.0. The vulnerability is in the Administrator Password Handler’s show_debug_screen function (file /sess-bin/timepro.cgi). Manipulating the argument aaksjdkfj with input !@dnjsrureljrm*& enables command injection remotely. Public exploit content is ind...
EUVD-2024-55318
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...
CVE-2025-65294
Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...
PT-2025-50680
Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be achieved by sending a specially crafted POST request to the...
TeamViewer DEX Client 安全漏洞
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in versions prior to TeamViewer DEX Client V25 that stems from improper input validation and could lead to remote execution of arbitrary commands...
TeamViewer DEX Client 安全漏洞
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in versions prior to TeamViewer DEX Client V21 that stems from improper input validation and could lead to remote execution of arbitrary commands...
TeamViewer DEX Client 安全漏洞
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to V21.1 that stems from improper input validation and could lead to remote execution of arbitrary commands...
TeamViewer DEX Client 安全漏洞
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to V19.2 that stems from improper input validation and could lead to remote execution of arbitrary commands...
TeamViewer DEX Client 安全漏洞
TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to V21.1 that stems from improper input validation and could lead to remote execution of arbitrary commands...
PT-2025-50600
A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...
PT-2025-50681
Name of the Vulnerable Software and Affected Versions Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F versions V1.xxV2.xx Description An OS Command Injection issue exists in Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F. Successful exploitation allows attackers to execute arbitrary commands. This is...