30 matches found
CVE-2026-6987 PicoClaw Web Launcher Management Plane restart command injection
A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The project was informed o...
CVE-2025-65828
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy BLE to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from...
CVE-2025-65828
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy BLE to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from...
CVE-2025-65828
Meatmeet devices are vulnerable to an unauthenticated BLE-based Denial of Service. An attacker within BLE range can issue commands such as shutdown, restart, and clear config, which disassociates the device from its user and prevents receiving updates from the base station until the device is fix...
CVE-2025-65828
An unauthenticated attacker within proximity of the Meatmeet device can issue several commands over Bluetooth Low Energy BLE to these devices which would result in a Denial of Service. These commands include: shutdown, restart, clear config. Clear config would disassociate the current device from...
EUVD-2025-17004
Malicious code in bioql PyPI...
📄 AndroMouse Server 8.0 Unauthenticated Remote System Control
AndroMouse Server version 8.0 allows attackers to send UDP commands to remotely restart, shutdown, sleep, lock, or log off the target machine without authentication. This leads to unauthorized power state manipulation and potential denial of service. Exploit Title: AndroMouse Server 8.0 –...
📄 Off 2.15 Unauthenticated Remote System Control
Off version 2.15 exposes a TCP service on 1984 port that allows unauthenticated attackers to issue remote system control commands such as Shutdown, Restart, Lock, Sleep, and Hibernate. Exploit Title: Off 2.15 - Unauthenticated Remote System Control Date: 25/06/25 Exploit Author: Chokri Hammedi...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14373)
FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the RESTART Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...
CVE-2025-5664
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-5664
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-5664
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-5664 FreeFloat FTP Server RESTART Command buffer overflow
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
CVE-2025-5664
Affected: FreeFloat FTP Server 1.0. Vulnerable component: RESTART Command Handler. Root cause: buffer overflow due to improper input length validation. Impact: remote exploitation possible; exploit has been disclosed publicly. Remediation: PT-Security recommends disabling the RESTART Command Hand...
CVE-2025-5664 FreeFloat FTP Server RESTART Command buffer overflow
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component RESTART Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the RESTART Command Handler component failing to properly validate the length size of input data, no details of the vulnerability are provided at this time...
PT-2025-23935 · Unknown · Freefloat Ftp Server
Name of the Vulnerable Software and Affected Versions: FreeFloat FTP Server version 1.0 Description: A critical issue affects the RESTART Command Handler component, leading to a buffer overflow. This can be exploited remotely. The issue has been publicly disclosed. Recommendations: For FreeFloat...
GHSA-PXMR-Q2X3-9X9M Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)
Summary The Home Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes testconfigcmd, reloadcmd and restartcmd. While the UI doesn't allow users to modify any of these settings, it is possible to do so by sendi...
Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)
Summary The Home Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes testconfigcmd, reloadcmd and restartcmd. While the UI doesn't allow users to modify any of these settings, it is possible to do so by sendi...
PT-2023-8393 · Nginx-Ui · Nginx-Ui
Name of the Vulnerable Software and Affected Versions: Nginx-ui versions prior to 2.0.0.beta.9 Description: The issue is related to the Nginx UI server, where the API exposes certain settings such as test config cmd, reload cmd, and restart cmd, which can be modified by sending a request to the...