18414 matches found
CVE-2026-9367
A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...
CVE-2026-9367 NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection
A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...
EUVD-2026-31579
A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...
CVE-2026-9363
A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...
CVE-2026-9363 Edimax EW-7438RPn POST Request formEZCHNwlanSetu formEZCHNwlanSetup command injection
A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...
CVE-2026-9363
CVE-2026-9363 affects Edimax EW-7438RPn firmware 1.12. The vulnerability resides in the POST Request Handler function formEZCHNwlanSetup (file /goform/formEZCHNwlanSetu), where argument manipulation enables remote command injection. Remote exploitation is possible; an exploit is public. The vendo...
CVE-2026-9362
CVE-2026-9362: Edimax EW-7438RPn firmware 1.12 has a command-injection in the Setting Handler’s formConnectionSetting (/goform/formConnectionSetting). Manipulating max_Conn/timeOut parameters can lead to remote execution. Attack vector is network with low complexity; authentication required is LO...
EUVD-2026-31574
A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been mad...
CVE-2026-9359
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
CVE-2026-9359
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
EUVD-2026-31570
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
CVE-2026-9347
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
CVE-2026-9347 Edimax EW-7438RPn webs formWizSurvey os command injection
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
PT-2026-42939
Name of the Vulnerable Software and Affected Versions Edimax BR-6675nD version 1.12 Description A command injection flaw exists in the POST Request Handler component. A remote attacker can exploit this by manipulating the pinCode argument within the formWpsStart function, located in the...
PT-2026-42919
Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.12 Description A command injection flaw exists in the POST Request Handler component. A remote attacker can trigger this issue by manipulating the submit-url argument within the formAccept function of the...
PT-2026-42946
A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument command causes os command injection. The attack is possible to be...
PT-2026-42927
A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect dangerous command of the file tools/approval.py of the component terminal tool. This manipulation causes os command injection. It is possible to initiate th...
TOTOLINK A8000RU 操作系统命令注入漏洞
TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A8000RU 7.1cu.643b20200521 version contains a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the resetFlags parameter in the function...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A8000RU 7.1cu.643b20200521 version has a vulnerability related to operating system command injection. This vulnerability stems from improper handling of the command parameter in the setTracerouteCfg...