The vulnerability of the graphical interface of the Fortinet FortiManager software, a centralized device management tool, allows a hacker to execute arbitrary commands.

The vulnerability of the graphical interface of the Fortinet FortiManager device management software is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

The vulnerability of the QNAP License Center software lies in its failure to take measures to neutralize special elements used in the operating system’s command set, allowing a violator to execute arbitrary commands.

The vulnerability of the QNAP License Center software management tool is related to the failure to take measures to neutralize special elements used in the operating system command set. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the CSFD software of the Fortinet FortiManager device allows a intruder to execute arbitrary commands.

The vulnerability of the Fortinet FortiManager device management software allows for arbitrary commands to be executed by a malicious actor who operates remotely. This vulnerability is related to the lack of measures taken to neutralize special elements used within the operating system...

The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 router microprogramming system (WL-WN533A8) allows a hacker to execute arbitrary commands.

The vulnerability of the setsysinit function in the login.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning at the control level when processing the restartweekvalue parameter. Exploiting this vulnerability allows a remote attacker ...

The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 router microprogramming system (WL-WN533A8) allows a hacker to execute arbitrary commands.

The vulnerability of the setsysinit function in the login.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning measures at the control level when processing the restartminvalue parameter. Exploiting this vulnerability allows a remote...

The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setaddrouting function in the internet.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning measures at the control level when processing the gateway parameter. Exploiting this vulnerability allows a remote...

The vulnerability of the set_sys_init() function in the login.cgi script of the Wavlink AC3000 router microprogramming system (WL-WN533A8) allows a hacker to execute arbitrary commands.

The vulnerability of the setsysinit function in the login.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning at the control level when processing the restarthourvalue parameter. Exploiting this vulnerability allows a remote attacker ...

The vulnerability of the set_add_routing() function in the internet.cgi script of the Wavlink AC3000 (WL-WN533A8) router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setaddrouting function in the internet.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the lack of data cleaning at the control level when processing the netmask parameter. Exploiting this vulnerability allows a remote attacker to...

CVE-2025-0528

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVE-2025-0457 NetVision Information airPASS - OS Command Injection

The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands...

PT-2025-3893 · Netvision Information · Airpass

Name of the Vulnerable Software and Affected Versions: airPASS from NetVision Information affected versions not specified Description: The issue allows remote attackers with regular privileges to inject and execute arbitrary OS commands. This is due to an OS Command Injection vulnerability...

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in its inability to remove special elements used in the basic operating system, allowing attackers to execute arbitrary commands.

The vulnerability of the Palo Alto Networks Expedition configuration migration tool lies in the lack of measures taken to neutralize special elements used in the basic operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

PMB platform 代码问题漏洞

PMB platform is a free document management software from PMB Inc. A code issue vulnerability exists in PMB platform versions 4.0.10 through 4.2.13, which stems from the presence of an unrestricted file upload that could allow an attacker to upload a file in order to gain remote access to the...

CVE-2025-0356

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network...

CVE-2025-0356

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network...

CVE-2025-0356

NEC Corporation Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier allows a attacker to execute arbitrary OS commands via the network...

Phiewer 安全漏洞

Phiewer is a macOS image viewer from Phiewer Inc. A security vulnerability exists in Phiewer version 4.1.0, which stems from a dylib injection that results in command execution, which can lead to remote control and unauthorized access to sensitive user data...

NEC Aterm WX1500HP 操作系统命令注入漏洞

The NEC Aterm WX1500HP is a wireless router from Nippon Electric NEC. An operating system command injection vulnerability exists in NEC Aterm WX1500HP Ver.1.4.2 and earlier and WX3600HP Ver.1.5.3 and earlier, which originates from allowing an attacker to execute arbitrary OS commands over the...

DrayTek Vigor 1.5.1.1 (CVE-2020-19664)

The version of DrakTek Vigor installed on the remote host is prior to 1.5.1.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-19664 advisory. - DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA action to mainfunction.cgi...

VulnCheck KEV: CVE-2022-44149

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required...