Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18411 matches found

Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.7 views

PT-2026-43157

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. The setNetworkDiag function within the '/cgi-bin/cstecgi.cgi' endpoint fails to properly sanitize several arguments, allowin...

6.5CVSS6.8AI score0.04841EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.7 views

PT-2026-43152

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description A weakness in the Setting Handler component allows for remote OS command injection. This occurs through the manipulation of the host time argument within the NTPSyncWithHost function of the...

6.5CVSS6.6AI score0.04841EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/25 12:0 a.m.9 views

PT-2026-43041

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS6.8AI score0.02177EPSS
Exploits0References5
CVE
CVEadded 2026/05/24 11:45 p.m.10 views

CVE-2026-9407

Totolink A8000RU Web Management interface (/cgi-bin/cstecgi.cgi) contains a vulnerability in the setFirewallType function that allows OS command injection when the firewallType argument is manipulated. Affected product version: 7.1cu.643_b20200521. The attack is remotely executable and the exploi...

10CVSS6.9AI score0.01254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/24 11:45 p.m.8 views

CVE-2026-9407

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection...

10CVSS6.9AI score0.01254EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/05/24 11:30 p.m.9 views

EUVD-2026-31606

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...

10CVSS7AI score0.01254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/24 11:30 p.m.6 views

CVE-2026-9406

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...

10CVSS7AI score0.01254EPSS
Exploits0References5Affected Software1
NVD
NVDadded 2026/05/24 11:16 p.m.7 views

CVE-2026-9402

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

6.5CVSS0.01409EPSS
Exploits0References4
NVD
NVDadded 2026/05/24 11:16 p.m.6 views

CVE-2026-9404

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS0.01254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/24 11:15 p.m.5 views

CVE-2026-9405

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation o...

10CVSS7AI score0.01254EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/24 11:0 p.m.7 views

CVE-2026-9404 Totolink A8000RU Web Management cstecgi.cgi setDdnsCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS5.7AI score0.01254EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/24 11:0 p.m.9 views

CVE-2026-9404 Totolink A8000RU Web Management cstecgi.cgi setDdnsCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS0.01254EPSS
Exploits0References5
CVE
CVEadded 2026/05/24 11:0 p.m.10 views

CVE-2026-9404

CVE-2026-9404 affects Totolink A8000RU Web Management Interface. The vulnerable component is the file /cgi-bin/cstecgi.cgi (function: setDdnsCfg). The issue arises from manipulation of the argument provider, leading to OS command injection . The vulnerability may be exploited remotely, and public...

10CVSS7.1AI score0.01254EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/24 11:0 p.m.10 views

EUVD-2026-31607

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS7.1AI score0.01254EPSS
Exploits0References5
CVE
CVEadded 2026/05/24 10:30 p.m.7 views

CVE-2026-9402

The CVE-2026-9402 entry concerns Edimax BR-6675nD firmware 1.12. The vulnerability is in the POST Request Handler’s formWlanMP function (/goform/formWlanMP). Manipulating parameters such as ateFunc, ateGain, ateRate, ateChan, ateTxCount, various e2pTx/e2pTxPower and readE2P fields results in comm...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/24 10:30 p.m.9 views

EUVD-2026-31602

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/24 10:30 p.m.5 views

CVE-2026-9402 Edimax BR-6675nD POST Request formWlanMP command injection

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/24 10:0 p.m.8 views

CVE-2026-9400 Edimax BR-6675nD POST Request formUSBStorage command injection

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

6.5CVSS0.01409EPSS
Exploits0References4
CVE
CVEadded 2026/05/24 10:0 p.m.10 views

CVE-2026-9400

Edimax BR-6675nD (firmware 1.12) is affected by a command-injection in the POST Request Handler’s formUSBStorage function (/goform/formUSBStorage). By manipulating the sub_dir parameter, an attacker can execute arbitrary commands remotely. The CVE description consistently notes a remote attack po...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/24 10:0 p.m.7 views

CVE-2026-9400 Edimax BR-6675nD POST Request formUSBStorage command injection

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
Rows per page
Query Builder