CVE-2025-5439

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the...

CVE-2025-5113

CVE-2025-5113 affects the Diviotec professional series IP cameras with a web interface. The issue is an authenticated remote command-injection vulnerability in one exposed endpoint, combined with hardcoded passwords. CVSS 4.0 base score 8.6 (HIGH) indicates significant impact on confidentiality, ...

AZL-62282 CVE-2025-48938 affecting package gh for versions less than 2.62.0-9

go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URL...

The vulnerability of the setUpgradeFW() function in TOTOLINK CA600-PoE router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setUpgradeFW function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the setWebWlanIdx() function in TOTOLINK CA600-PoE router software allows a intruder to execute arbitrary commands.

The vulnerability of the setWebWlanIdx function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken at the control level during the processing of the webWlanIdx parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the msg_process() function in TOTOLINK CA300-PoE router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the msgprocess function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken at the control level during the processing of the URL parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the msg_process() function in TOTOLINK CA600-PoE router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the msgprocess function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken at the control level during the processing of the URL parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CA600-PoE router’s software lies in the lack of measures taken at the control level during the processing of the url parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sendin...

The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CP900 router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CP900 router’s software lies in the lack of measures to sanitize input data when processing parameters like url and magicid. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending...

The vulnerability of the setUploadUserData() function in TOTOLINK CP900 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setUploadUserData function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CA600-PoE router’s software lies in the lack of measures taken at the control level during the processing of the magicid parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the setUpgradeUboot() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setUpgradeUboot function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to sanitize input data during the processing of the FileName parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the CloudSrvUserdataVersionCheck() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the CloudSrvUserdataVersionCheck function in TOTOLINK CA300-PoE router’s software lies in the lack of measures taken at the control level during the processing of the url parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sendin...

The vulnerability of the setApRebootScheCfg() function in TOTOLINK CP900 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setApRebootScheCfg function in TOTOLINK CP900 router microprogramming software is related to the lack of measures to clean input data during the processing of the hour and minute parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the setNoticeCfg() function in the TOTOLink A950RG router’s microprogramming software allows a intruder to execute arbitrary commands and gain full control over the device.

The vulnerability of the setNoticeCfg function in the TOTOLink A950RG router’s microprogramming software lies in the lack of measures taken to clean up data at the control level when processing the IpTo parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

The vulnerability of the msg_process() function in TOTOLINK CA300-PoE router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the msgprocess function in TOTOLINK CA300-PoE router microprogramming systems is related to the lack of measures taken at the control level during the processing of the Port parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

PT-2025-23356 · Undefined · Undefined

CVE-2022-46739 - Apache Struts Remote Command Execution Vulnerability CVE ID : CVE-2022-46739 Published : May 28, 2025, 7:15 p.m. | 2 hours, 15 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 |...

The vulnerability of the SINEMA Remote Connect Edge Client microprogramming software for industrial switches from Siemens, model Scalance LPE9403, allows a perpetrator to execute arbitrary commands.

The vulnerability of the SINEMA Remote Connect Edge Client microprogramming software for Siemens Scalance LPE9403 industrial switches in remote connection mode is related to the failure to take measures to neutralize certain special elements. Exploiting this vulnerability can allow an attacker to...