19587 matches found
CVE-2025-14107 ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection
A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...
CVE-2025-14107
ZSPACE Q2C NAS is affected by CVE-2025-14107 through the zfilev2_api.SafeStatus function in /v2/file/safe/status. The vulnerability arises from manipulating the safe_dir argument in the HTTP POST Request Handler, enabling command injection with remote access. Public exploits exist, and vendors ha...
CVE-2025-14106 ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection
A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safedir leads to command injection. The attack is possible to be carried o...
EUVD-2025-201416
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14094
A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendo...
CVE-2025-14093
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...
EUVD-2025-201442
A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendo...
CVE-2025-14093 Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...
CVE-2025-14093 Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...
CVE-2025-64054
A reflected Cross Site Scripting XSS vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...
CVE-2025-14092
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14092
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14092 Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14092 Edimax BR-6478AC V3 formDebugDiagnosticRun sub_416898 os command injection
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed...
CVE-2025-14092
Edimax BR-6478AC V3 (firmware 1.0.15) is affected by an OS command injection in the sub_416898 function of /boafrm/formDebugDiagnosticRun. The vulnerability can be triggered remotely over the network by manipulating the host argument, with public exploit details available. Multiple connected sour...
PT-2025-49256
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V3 version 1.0.15 Description A security issue exists in Edimax BR-6478AC V3 version 1.0.15. The sub 416898 function within the /boafrm/formDebugDiagnosticRun file is susceptible to os command injection through manipulation of...
PT-2025-49262
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V3 version 1.0.15 Description A flaw exists in the Edimax BR-6478AC V3 version 1.0.15. The sub 416990 function within the /boafrm/formTracerouteDiagnosticRun file is susceptible to os command injection due to manipulation of t...
PT-2025-49317
Name of the Vulnerable Software and Affected Versions ZSPACE Q2C NAS versions through 1.1.0210050 Description A security flaw exists in ZSPACE Q2C NAS that allows for remote command injection. The issue is located within the zfilev2 api.SafeStatus function of the HTTP POST Request Handler...
PT-2025-49316
Name of the Vulnerable Software and Affected Versions ZSPACE Q2C NAS versions up to 1.1.0210050 Description A command injection issue exists in ZSPACE Q2C NAS. The issue is related to the manipulation of the safe dir argument within the zfilev2 api.CloseSafe function, located in the...
PT-2025-49276
Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V3 version 1.0.15 Description A flaw exists in Edimax BR-6478AC V3 version 1.0.15 due to a command injection issue. The issue is related to the manipulation of the sysCmd argument within the sub 44CCE4 function of the...