103 matches found
russh server userauth state is not reset when authentication principal changes
Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...
PT-2026-45018
Summary The russh server authentication path keeps internal userauth state across SSH MSG USERAUTH REQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not...
Astra Linux - уязвимость в freeipa
A privilege escalation from the host to the domain vulnerability was identified in the FreeIPA project. By default, the FreeIPA package fails to validate the uniqueness of the krbCanonicalName for the admin account, allowing users to create services with the same canonical name as the REALM admin...
PT-2026-41515
A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/snssais results in denial of service. The attack is possible to be carried out remotely. The exploi...
TOTOLINK A3300R pppoeServiceName Parameter Command Injection Vulnerability
TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3300R pppoeServiceName parameter suffers from a command injection vulnerability that stems from the cstecgi.cgi file failing to properly validate the pppoeServiceName parameter, which can be exploited by an...
EUVD-2026-25243
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi...
TOTOLINK A3300R 命令注入漏洞
TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3300R pppoeServiceName parameter suffers from a command injection vulnerability that stems from the cstecgi.cgi file failing to properly validate the pppoeServiceName parameter, which can be exploited by an...
CVE-2026-31165
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-6155
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...
CVE-2026-33457
Livestatus injection in the prediction graph page in Checkmk 2.5.0b4, 2.4.0p26, and 2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value...
CVE-2026-6155 Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched...
PT-2026-32240
Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 Description A weakness exists in the CGI Handler component of Totolink A7100RU version 7.4cu.2313. Manipulation of the pppoeServiceName argument within the setWanCfg function in the /cgi-bin/cstecgi.cgi file...
CVE-2026-33457
Livestatus injection in the prediction graph page in Checkmk 2.5.0b4, 2.4.0p26, and 2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value...
UBUNTU-CVE-2026-33457
Livestatus injection in the prediction graph page in Checkmk 2.5.0b4, 2.4.0p26, and 2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value...
CVE-2026-33457 Potential livestatus injection in prediction graph page
Livestatus injection in the prediction graph page in Checkmk 2.5.0b4, 2.4.0p26, and 2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value...
CVE-2025-70747
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub65A28 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
PT-2025-51871
Name of the Vulnerable Software and Affected Versions Tenda AC10V4.0 version 16.03.10.20 Description A buffer overflow condition exists in the fromAdvSetMacMtuWan function within the httpd binary. This allows remote attackers to potentially cause a denial of service or even execute code. The issu...
CVE-2025-67073
The CVE-2025-67073 entry describes a buffer overflow in the httpd binary of Tenda AC10V4.0 (v16.03.10.20) in the function fromAdvSetMacMtuWan. A crafted POST payload targeting the field serviceName to /goform/AdvSetMacMtuWan can cause a denial of service and potentially code execution. Public sou...
EUVD-2021-20877
Malware in sbrugna...
EUVD-2025-31705
Malicious code in bioql PyPI...