19616 matches found
CVE-2024-57473
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to...
CVE-2024-57471
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST...
CVE-2024-57479
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/we...
PT-2025-3454 · H3C · H3C N12
Name of the Vulnerable Software and Affected Versions: H3C N12 version V100R005 Description: The issue is due to a lack of length verification in the 5G wireless network processing function, which can cause a buffer overflow. Attackers who successfully exploit this can cause the remote target...
CVE-2024-57480
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/webs...
CVE-2024-57473
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to...
PT-2025-2546 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A vulnerability exists in the set nas function of nas.cgi, allowing for external configuration control. This can be exploited through a specially crafted HTTP request, potentially leading...
PT-2025-7557 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.16 multi Description: The issue is related to a remote code execution RCE problem. In the formexeCommand function, the parameter cmdinput can cause remote command execution. Recommendations: For Tenda AC6 version...
GestioIP 操作系统命令注入漏洞
GestioIP is a web-based IPv4/IPv6 address management software from GestioIP. A security vulnerability exists in GestioIP version v3.5.7 that originates in the file upload feature and leads to remote command execution...
The vulnerability of the microprogrammed routing software of Four-Faith F3x24 and Four-Faith F3x36 arises from the failure to take measures to neutralize special elements used in the operating system’s commands. This allows attackers to execute arbitrary commands.
The vulnerability of the microprogrammed routing software of Four-Faith F3x24 and Four-Faith F3x36 lies in the lack of measures to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Lenovo XClarity Controller (XCC) against Lenovo ThinkSystem servers allows a hacker to execute arbitrary commands.
The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands using a specially created IPMI...
Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure
CVE-2025-0282-Ivanti-exploit CVE-2025-0282 is a critical vulne...
cups security update
An update is available for cups. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Common UNIX Printing System CUPS provides a portable printing layer for Linu...
RockyLinux 8 : cups (RLSA-2025:0083)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:0083 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file CVE-2024-47175 Tenable has extracted the preceding description block directly from...
CVE-2024-12847
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...
Linksys E7350 安全漏洞
The Linksys E7350 is a wireless router device from Leadsys. A security vulnerability exists in the handling of the ifname parameter by the Linksys E7350 apcliwpsgenpincode function, which can be exploited by a remote attacker to submit a special request that can be used in the application context...
Linksys E7350 安全漏洞
The Linksys E7350 is a wireless router device from Leadsys. An input validation vulnerability exists in the handling of the iface parameter by the Linksys E7350 vifdisable function, which can be exploited by a remote attacker to submit a special request that can be used in the application context...
TOTOLINK A6000R 安全漏洞
The TOTOLINK A6000R is a high-performance wireless router that utilizes advanced technology and design to provide users with an outstanding network experience. A security vulnerability exists in the TOTOLINK A6000R actionpasswd function's handling of the newpasswd parameter, which can be exploite...
Linksys E7350 安全漏洞
The Linksys E7350 is a wireless router device from Leadsys. A security vulnerability exists in the handling of the devname parameter by the Linksys E7350 resetwifi function, which can be exploited by a remote attacker to submit a special request that can be used in the application context to...
Linksys E7350 安全漏洞
The Linksys E7350 is a wireless router device from Leadsys. A security vulnerability exists in the handling of the ifname parameter in the Linksys E7350 apclicancelwps function, which can be exploited by a remote attacker to submit a special request that can be used in the application context to...