Linux Distros Unpatched Vulnerability : CVE-2019-14868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environme...

Linux Distros Unpatched Vulnerability : CVE-2018-12483

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET...

CVE-2025-9377

The authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL end-of-life. It's...

CVE-2025-9377

The authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL end-of-life. It's...

CVE-2025-30264 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145...

GHSA-694P-3FXC-M92H AiondaDotCom mcp-ssh command injection vulnerability in SSH operations

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

CVE-2025-9654 AiondaDotCom mcp-ssh server-simple.mjs command injection

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

CVE-2025-9603

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...

CVE-2025-9603

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...

CVE-2025-9603

CVE-2025-9603 pertains to the Telesquare TLR-2005KSH device running version 1.2.4. The vulnerability is in an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg, where manipulating the Hostname argument can lead to a remote command injection. Public exploitation has been disclosed....

CVE-2025-9603 Telesquare TLR-2005KSH internet.cgi command injection

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...

CVE-2025-9603 Telesquare TLR-2005KSH internet.cgi command injection

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...

VulnCheck KEV: CVE-2025-9377

The authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL end-of-life. It's...

PT-2025-35298

Name of the Vulnerable Software and Affected Versions TP-Link Archer C7EU V2 versions prior to 241108 TP-Link TL-WR841N/NDMS V9 versions prior to 241108 Description An authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and...

TP-LINK多款产品 安全漏洞

TP-LINK TL-WR841ND and so on are products of China P&L TP-LINK company.TP-LINK TL-WR841ND is a wireless router.TP-Link Archer C7 and so on are products of China P&L TP-Link company.TP-Link Archer C7 is a router.TP- Link TL-WR841N is a router. A security vulnerability exists in a number of TP-LINK...

CVE-2025-9586

A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wirelessdevicedissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available...

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...