The vulnerability in the operation_mode.cgi script of NETGEAR R7000P microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the operationmode.cgi script of NETGEAR R7000P router microprogramming software is related to buffer overflow during the processing of the devicename2 parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the msp_info_htm function in D-Link DI-8400 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in D-Link DI-8400 router microprogramming software is related to the lack of measures taken to neutralize special elements used in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands when processing the flag a...

CVE-2024-8525

An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...

CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload

An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...

CVE-2024-8525

CVE-2024-8525 affects Automated Logic WebCTRL 7.0 (Premium Server). The issue is an unrestricted upload of a file with a dangerous type that an unauthenticated attacker can exploit via a crafted HTTP POST to achieve remote command execution and upload of a malicious file. Multiple connected sourc...

CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload

An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

TOTOLINK EX200 安全漏洞

TOTOLINK EX200 is a 2.4G wireless N range extender from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK EX200 ssd parameter handling, which can be exploited by remote attackers to submit a special request that can be used to execute arbitrary commands in the...

LLaMA-Factory 操作系统命令注入漏洞

LLaMA-Factory is a fine-tuned large-scale language model by a Chinese hoshi-hiyouga individual developer. A cross-site scripting vulnerability exists in LLaMA-Factory version 0.9.0 and earlier, which stems from improper handling of user input and allows malicious actors to execute arbitrary...

D-Link DI-8200 安全漏洞

The D-Link DI-8200 is an enterprise router from China-based AUO D-Link. The D-Link DI-8200 suffers from a command injection vulnerability that stems from a remote command execution vulnerability in the flag parameter and cmd parameter of the mspinfohtm function. No details of the vulnerability ar...

PT-2024-39075 · Automated Logic · Automated Logic Webctrl

Name of the Vulnerable Software and Affected Versions: Automated Logic WebCTRL version 7.0 Description: The issue allows an unauthenticated user to perform remote command execution via a crafted HTTP POST request, which could lead to uploading a malicious file due to an unrestricted upload of fil...

PT-2024-32621 · Myscada · Myscada Mypro Manager

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO Manager affected versions not specified Description: A parameter within a command does not properly validate input, which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. Th...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

KASDA KW6512 安全漏洞

KASDA KW6512 is a wireless router from KASDA. A security vulnerability exists in the KASDA KW6512 version V1.0. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands via the quick setup and page parameters passed to internet.cgi...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

KASDA KW5515 安全漏洞

KASDA KW5515 is a wireless router from KASDA. A security vulnerability exists in KASDA KW5515 v1.7 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary operating system commands via cgi parameters...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

D-Link DI-8400 安全漏洞

The D-LINK DI-8400 is an American D-Link router device for home and small business network connectivity. Multiple remote command execution vulnerabilities exist in the mspinfohtm function in the D-LINK DI-8400 version v16.07.26A1 via the flag and cmd parameters. A remote attacker can exploit this...