Lucene search
K

340 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-29874

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.0222EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/25 12:0 a.m.5 views

Tenda AC6 formSetIptv Function Command Injection Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a maximum transmission rate of 1167Mbps. The Tenda AC6 suffers from a command injection vulnerability that stems from the formSetIptv function not validating or cleaning up special characters when handlin...

6.5CVSS7.9AI score0.03316EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/25 12:0 a.m.4 views

Tenda AC6 Firmware Signature Verification Function Code Execution Vulnerability

Tenda AC6 is a dual-band wireless router from Tenda that supports IPv4 and IPv6 protocols and utilizes the 802.11ac/n wireless standard to provide a wireless transmission rate of 1167Mbps. A code execution vulnerability exists in the Tenda AC6, which stems from a problem with the firmware signatu...

9.8CVSS8.3AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

TOTOLINK N350R 注入漏洞

The TOTOLINK N350R is a WiFi router from China's Gion Electronics TOTOLINK. The TOTOLINK N350R suffers from an injection vulnerability that originates from a misbehavior in the file /boafrm/formSysCmd, which can be exploited by an attacker to cause an application to crash or behave abnormally by...

8.8CVSS7.2AI score0.02425EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.7 views

(Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SSH daemon. The...

6.6CVSS7.6AI score
Exploits0References1
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.5 views

Nexxt Solutions NCM-X1800 命令注入漏洞

The Nexxt Solutions NCM-X1800 is a router from Nexxt Solutions. A command injection vulnerability exists in the Nexxt Solutions NCM-X1800 UV1.2.7 and earlier versions, which stems from a command injection that could lead to the execution of arbitrary commands...

5.4CVSS7.5AI score0.09033EPSS
Exploits1References4
CNVD
CNVD
added 2025/07/04 12:0 a.m.3 views

Tenda AC1206 Buffer Overflow Vulnerability

The Tenda AC1206 is a wireless Gigabit router from Tenda China. The Tenda AC1206 suffers from a buffer overflow vulnerability that originates from the formSetCfm function failing to properly validate the length of the input data, which can be exploited by an attacker to cause a denial of service...

7.5CVSS7.5AI score0.00369EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/23 12:0 a.m.3 views

QNAP QHora Authorization Issues Vulnerability

The QNAP QHora is a router from the Taiwan, China-based company Qualicom Technology QNAP. QNAP QHora has an authorization issue vulnerability that stems from improper authentication, and no detailed vulnerability details are available at this time...

7.8CVSS7.1AI score0.00229EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/10 12:0 a.m.2 views

Tenda AC18 /goform/SetIPTVCfg Command Injection Vulnerability

The Tenda AC18 is a router from the Chinese company Tenda. The Tenda AC18 suffers from a command injection vulnerability that stems from incorrect manipulation of the parameter list in the file /goform/SetIPTVCfg. No details of the vulnerability are available at this time...

9.8CVSS7.6AI score0.03767EPSS
Exploits1References1
CNVD
CNVD
added 2025/06/10 12:0 a.m.3 views

Tenda AC18 /goform/SetSysAutoRebbotCfg Buffer Overflow Vulnerability

The Tenda AC18 is a router from the Chinese company Tenda. The Tenda AC18 suffers from a buffer overflow vulnerability that originates from a misuse of the parameter rebootTime in the file /goform/SetSysAutoRebbotCfg, which can be exploited by an attacker to submit a special request and execute...

9CVSS8.1AI score0.00776EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/28 12:0 a.m.7 views

PT-2025-23134 · Next.Js · Next.Js

Name of the Vulnerable Software and Affected Versions: Next.js versions 13.0 through 15.2.2 Description: Next.js is a React framework for building full-stack web applications. In affected versions, Next.js may have allowed limited source code exposure when the dev server was running with the App...

2.3CVSS6.3AI score0.00166EPSS
Exploits0References13
CNVD
CNVD
added 2025/05/28 12:0 a.m.4 views

TOTOLINK A3002R Buffer Overflow Vulnerability

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. TOTOLINK A3002R suffers from a buffer overflow vulnerability that originates from the interfacenameds parameter in the formDhcpv6s interface failing to correctly validate the length size of the input data, no detailed...

6.5CVSS7.5AI score0.00285EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:58 a.m.9 views

CVE-2024-33112

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnapmainfunc...

7.5CVSS7.7AI score0.06457EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:45 a.m.8 views

CVE-2024-28288

Ruijie RG-NBR700GW 10.34b12 router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can use this vulnerability to log in to the device and disrupt the business of the enterprise...

9.8CVSS7.1AI score0.00724EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:50 a.m.5 views

CVE-2024-53283

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in Router Port Forward functionality in Synology Router Manager SRM before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing...

5.9CVSS5.9AI score0.0026EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.12 views

CVE-2022-30327

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The web interface is vulnerable to CSRF. An attacker can change the pre-shared key of the Wi-Fi router if the interface's IP address is known...

6.5CVSS6.9AI score0.00469EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 p.m.8 views

CVE-2022-32058

An infinite loop in the function httpRpmPass of TP-Link TL-WR741N/TL-WR742N V1/V2/V3130415 allows attackers to cause a Denial of Service DoS via a crafted packet...

7.8CVSS6.7AI score0.01201EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.9 views

CVE-2022-28579

It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

10CVSS8.1AI score0.02945EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.10 views

CVE-2022-28575

It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows attackers to execute arbitrary commands through a carefully constructed payload...

10CVSS8.2AI score0.02945EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:27 p.m.10 views

CVE-2021-30229

The api/zrDm/setzrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dmenable, AppKey, or Pwd parameter...

8.8CVSS8.1AI score0.02884EPSS
Exploits1References1
Rows per page
Query Builder