CVE-2025-64127

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely...

📄 Cisco ISE API 3.0 Command Injection

Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.0. ============================================================================================================================================= | Title : Cisco ISE API 3.0 command injection Exploits | |...

EUVD-2025-199764

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...

CVE-2025-64127 Zenitel TCIV-3+ OS Command Injection

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely...

Remote Command Execution

scio-pypi is vulnerable to Remote Command Execution. The vulnerability is due to torch.load executing unsafe deserialization even when weightsonly=True, which allows an attacker to craft malicious model files that trigger arbitrary code execution during loading...

Remote Command Execution

n8n and n8n-nodes-base are vulnerable to Remote Command Execution. The vulnerability is due to the Execute Command node allowing arbitrary command execution on the host system, which allows an attacker to exploit insufficient user trust controls to run malicious commands leading to system...

VulnCheck KEV: CVE-2024-10915

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

CVE-2025-65202

CVE-2025-65202 affects TRENDnet TEW-657BRM firmware 1.00.1, with an authenticated remote OS command injection in the setup.cgi binary. The vulnerability is exploitable via HTTP parameters named “command”, “todo”, and “next_file,” allowing execution of arbitrary commands with root privileges. Curr...

TRENDnet TEW-657BRM 安全漏洞

The TRENDnet TEW-657BRM is a WiFi router from TRENDnet. The TRENDnet TEW-657BRM suffers from a command injection vulnerability that is caused by a flaw in the setup.cgi binary file. An attacker can exploit this vulnerability to execute arbitrary operating system commands on the system...

CVE-2025-65202

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...

CLSA-2025-1764080949 pcp: Fix of CVE-2024-3019

CVE-2024-3019: Fix default pmproxy configuration to restrict access to Redis server backend, preventing remote command execution...

CVE-2025-13562

A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing of the file /gena.cgi. Such manipulation of the argument service leads to command injection. The attack can be executed remotely. The exploit is publicly available and might be used. This vulnerabili...

CVE-2025-12740 Remote Command Execution in Looker via IBM DB2 JDBC drive

A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver's parameters. Looker-hosted and Self-hosted were found to be vulnerable. This issue has...

CVE-2025-12740

CVE-2025-12740 affects Looker where a user with Developer role could create a DB2 database connection and, by manipulating LookML, cause Looker to execute a malicious command due to inadequate filtering of the IBM DB2 driver’s parameters. Concrete details across multiple sources confirm the vulne...

PT-2025-47964

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware used by many white-labeled DVR/NVR/IPC products contains hardcoded API credentials and an OS command injection flaw in its configuration services. The web/API interface accepts HTTP/XML requests authenticated with a fixed vendor...

MAL-2025-191760 Malicious code in hooktest1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3e91d71ab21e3575f1354593a314d50bc188b0db7b3851040e522426a765417 During installation, the package starts a code to retrieve and execute commands from Discord --- Category: MALICIOUS - The campaign has clearly malicious inten...

PT-2025-47856

Name of the Vulnerable Software and Affected Versions D-Link DIR-852 version 1.00 Description A flaw exists in the processing of the /gena.cgi file on the device. Manipulating the service argument can lead to command injection, allowing for remote execution of commands. The exploit is publicly...

CVE-2025-65946

Roo Code (AI-powered coding agent) had a validation error before version 3.26.7 that could cause it to automatically execute commands not on the allowed prefixes list. The issue has been patched in version 3.26.7. Affected CVE-2025-65946 entries from multiple feeds confirm the vulnerability and p...

MAL-2025-191772 Malicious code in kdewebhelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 da8701a407522875f63d2aaa28d27194fe8e2faa4d7782fd66639f224ae62dcd Importing the module connects to a Telegram bot and provides its operator with abilities to execute commands, exfiltrate and encrypt data. The target group see...

CVE-2025-34320 BASIS BBj < 25.00 Unauthenticated Arbitrary File Read RCE

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This allows unauthenticated directory traversal sequences to cause the server to read arbitrary system files accessible to the account running the service...