The vulnerability of the LAN Controller feature of the Cisco IOS XE operating system allows a hacker to execute arbitrary commands.

The vulnerability of the LAN Controller feature of the Cisco IOS XE operating system is related to the failure to take measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software for WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN allows a hacker to execute arbitrary commands.

The vulnerability of the Modbus TCP Packet Handler component in the Ethernet module software of WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2025-37102

CVE-2025-37102 is an authenticated command-injection vulnerability affecting the CLI of HPE Networking Instant On Access Points. The attack could allow a remote attacker with elevated privileges to run arbitrary commands on the underlying OS as a highly privileged user (CVSS 3.1 base 7.2, NETWORK...

CVE-2025-37102 Authenticated Command Injection Vulnerability In Instant On Command Line Interface

An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points. A successful exploitation could allow a remote attacker with elevated privileges to execute arbitrary commands on the underlying operating system as a highly privilege...

CVE-2025-4663 Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability

An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service DoS. The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inlin...

ScriptCase 9.12.006 (23) - Remote Command Execution (RCE)

Exploit Title: ScriptCase 9.12.006 23 - Remote Command Execution RCE Date: 04/07/2025 Exploit Author: Alexandre ZANNI noraj & Alexandre DROULLÉ cabir Vendor Homepage: https://www.scriptcase.net/ Software Link: https://www.scriptcase.net/download/ Version: 1.0.003-build-2 Production Environment /...

CVE-2025-20319

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability editscripted and listinputs capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.See Define...

CVE-2025-20319

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability editscripted and listinputs capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.See Define...

CVE-2025-20319

CVE-2025-20319 affects Splunk Enterprise prior to versions 9.4.3, 9.3.5, 9.2.7, and 9.1.10. The root cause is improper user input sanitization in scripted input files, exploitable by a user who has a role with the high‑privilege capabilities edit_scripted and list_inputs . This could enable remot...

CVE-2025-20319 Remote Command Execution through Scripted Input Files in Splunk Enterprise

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability editscripted and listinputs capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.See Define...

📄 ScriptCase Remote Command Execution

ScriptCase versions 1.0.003-build-2 Production Environment and 9.12.006 23 ScriptCase are affected by a pre-authenticated remote command execution vulnerability. This is achieved by chaining two vulnerabilities: the first is the ability to reset the administrator password of the prod console unde...

PT-2025-28230 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.3 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.7 Splunk Enterprise versions prior to 9.1.10 Description: A user with a role containing the high-privilege capabilitie...

The vulnerability of the formSetWanStatic() function (/goform/formSetWanStatic) in the wireless range extender software by Belkin F9K1122 allows a intruder to execute arbitrary commands.

The vulnerability of the formSetWanStatic function /goform/formSetWanStatic of the Belkin F9K1122 Wi-Fi range extender software is related to the lack of data cleaning measures at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

The vulnerability of the formBSSetSitesurvey() function (/goform/formBSSetSitesurvey) in the Wi-Fi range expansion software by Belkin F9K1122 allows a intruder to execute arbitrary commands.

The vulnerability of the formBSSetSitesurvey function /goform/formBSSetSitesurvey of the Belkin F9K1122 Wi-Fi range extender software is related to the lack of measures taken at the control level for data cleaning. Exploiting this vulnerability could allow a remote attacker to execute arbitrary...

The vulnerability of the mp() function (/goform/mp) in the microprogramming software for Wi-Fi range extension device Belkin F9K1122 allows a intruder to execute arbitrary commands.

The vulnerability of the mp function /goform/mp in the microprogramming software for Wi-Fi range extension by Belkin F9K1122 is related to the lack of measures taken to secure data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

Splunk Enterprise 9.1.0 < 9.1.10, 9.2.0 < 9.2.7, 9.3.0 < 9.3.5, 9.4.0 < 9.4.3 (SVD-2025-0702)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0702 advisory. - In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege...

CVE-2025-7083

A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. This affects the function mp of the file /goform/mp of the component webs. The manipulation of the argument command leads to os command injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-7083

CVE-2025-7083 affects Belkin F9K1122 with firmware 1.00.33. A vulnerability in the function mp of the file /goform/mp allows OS command injection via manipulation of the command argument, with remote exploitation possible. The CVE entries consistently describe a critical impact (CWE-like risk: ar...

CVE-2025-7082

A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument wanipaddr/wannetmask/wangateway/wlssid is directly passed by t...

CVE-2025-7081

A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. Affected by this vulnerability is the function formSetWanStatic of the file /goform/formSetWanStatic of the component webs. The manipulation of the argument...