333 matches found
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38703
A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38707
A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target device...
InHand IR Series 安全漏洞
The InHand IR Series is a series of industrial-grade cellular wireless routers produced by InHand Corporation in the United States. The InHand IR Series contains a security vulnerability, which stems from command injection in the IPSec VPN function. This vulnerability could allow attackers to gai...
CVE-2026-38703
A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38707
A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target device...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
PT-2026-44404
Name of the Vulnerable Software and Affected Versions IR302 versions prior to 3.5.108 IR305 versions prior to 1.0.118 IR315 versions prior to 1.0.118 IR615 versions prior to 1.0.118 Description A command injection issue exists in the ZeroTier VPN feature. This allows remote attackers to execute...
CVE-2026-38707
A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target device...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38703
A command injection vulnerability exists in the ZeroTier VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
SUSE CVE-2003-0098
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server...
CVE-2025-40949
The CVE-2025-40949 issue affects RUGGEDCOM ROX devices (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) with all versions
CVE-2026-30495
The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes Android Debug Bridge ADB on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disables RSA key verification. Additionally, a functional su binar...
CVE-2026-30495
The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes Android Debug Bridge ADB on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disables RSA key verification. Additionally, a functional su binar...
Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞
Dell PowerProtect Data Domain is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. Vulnerabilities exist in versions 7.7.1.0 to 8.6 of Dell PowerProtect Data Domain, as well as in LTS2025 versions 8.3.1.0 to 8.3.1.20 a...
Vulnerability fixed in Cisco Smart Software Manager On-Prem
Cisco has fixed a vulnerability in Cisco Smart Software Manager On-Prem. A malicious party could exploit this vulnerability by inadvertently making an internal service component in Cisco Smart Software Manager On-Prem SSM On-Prem externally accessible. This allows a remote attacker to execute...
CVE-2026-26213
thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...
PT-2026-26318
OS command injection in the CWMP client /ftl/bin/cwmp of Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into t...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026-24061: GNU Telnetd Authentication Bypass overview...