CVE-2025-65202

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...

TRENDnet TEW-657BRM 安全漏洞

The TRENDnet TEW-657BRM is a WiFi router from TRENDnet. The TRENDnet TEW-657BRM suffers from a command injection vulnerability that is caused by a flaw in the setup.cgi binary file. An attacker can exploit this vulnerability to execute arbitrary operating system commands on the system...

CVE-2025-65202

TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command injection vulnerability in the setup.cgi binary, exploitable via the HTTP parameters "command", "todo", and "nextfile," which allows an attacker to execute arbitrary commands with root privileges...

CVE-2025-65202

CVE-2025-65202 affects TRENDnet TEW-657BRM firmware 1.00.1, with an authenticated remote OS command injection in the setup.cgi binary. The vulnerability is exploitable via HTTP parameters named “command”, “todo”, and “next_file,” allowing execution of arbitrary commands with root privileges. Curr...

EUVD-2009-5111

Malware in sbrugna...

EUVD-2021-28411

Malicious code in bioql PyPI...

EUVD-2023-42684

Malicious code in bioql PyPI...

Netgear DGN1000B Code Execution Vulnerability

The Netgear DGN1000B is a wireless router from the American company Netgear. A code execution vulnerability exists in the Netgear DGN1000B version 1.1.00.24 and 1.1.00.45, which stems from insufficient cleanup of setup.cgi endpoint inputs, and can be exploited by an attacker to potentially cause...

CVE-2013-10061 Netgear Routers setup.cgi RCE

An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45 via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection...

CVE-2013-10061 Netgear Routers setup.cgi RCE

An authenticated OS command injection vulnerability exists in Netgear routers tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45 via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection...

CVE-2013-10061

CVE-2013-10061: Authenticated OS command injection in Netgear DGN1000B routers via TimeToLive parameter in /setup.cgi. Affected firmware versions: 1.1.00.24 and 1.1.00.45. Root cause: improper input neutralization enabling command execution after authentication. Impact: allows remote attackers to...

CVE-2021-41427

Beeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting XSS via the choosemac parameter to setup.cgi...

CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

CVE-2024-12847

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited ...

CVE-2024-12847

The vulnerability CVE-2024-12847 affects NETGEAR DGN1000 routers (prior to firmware version 1.1.00.48). The issue is an authentication bypass in the setup.cgi endpoint that lets a remote, unauthenticated attacker execute arbitrary OS commands as root. Impact is described as remote command executi...

PT-2025-1029

Name of the Vulnerable Software and Affected Versions NETGEAR DGN1000 versions prior to 1.1.00.48 Description The NETGEAR DGN1000 router contains a flaw that allows bypassing the authentication process through the use of an alternative path or channel. Exploitation of this issue enables a remote,...

NETGEAR DGN1000 访问控制错误漏洞

The NETGEAR DGN1000 is a wireless router from NETGEAR for home and small office networking. An authentication bypass vulnerability exists in the NETGEAR DGN1000 prior to version 1.1.00.48. An attacker can exploit this vulnerability to take full control of the device by sending a constructed HTTP...

NETGEAR DGND4000 Elevation of Privilege Vulnerability

The NETGEAR DGND4000 is a wireless router , with modem capabilities. An elevation of privilege vulnerability exists in the ETGEAR DGND4000 that originates from elevating privileges to the /setup.cgi component via the nextfile parameter. No details of the vulnerability are provided at this time...

CVE-2023-50677

An issue in NETGEAR-DGND4000 v.1.1.00.151.00.15 allows a remote attacker to escalate privileges via the nextfile parameter to the /setup.cgi component...

CVE-2023-50677

An issue in NETGEAR-DGND4000 v.1.1.00.151.00.15 allows a remote attacker to escalate privileges via the nextfile parameter to the /setup.cgi component...