11 matches found
CVE-2026-4959
OpenBMB XAgent 1.0.0 contains a vulnerability in the ShareServer WebSocket Endpoint (XAgentServer/application/websockets/share.py, function check_user). Manipulating the argument interaction_id results in missing authentication, enabling remote exploitation. The exploit has been publicized, and t...
CVE-2026-4959 OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication
A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function checkuser of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interactionid results in missing authentication. Remote...
CVE-2026-4959 OpenBMB XAgent ShareServer WebSocket Endpoint share.py check_user missing authentication
A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function checkuser of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interactionid results in missing authentication. Remote...
PT-2026-28685
A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check user of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interaction id results in missing authentication. Remote...
CVE-2025-14705
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
CVE-2025-14705
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
EUVD-2025-203334
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
CVE-2025-14705
CVE-2025-14705 affects Shiguangwu sgwbox N3 2.0.25. A vulnerability in the SHARESERVER feature (unknown function) allows manipulation of argument params leading to command injection. The issue is exploitable remotely, with public disclosures indicating potential use. Multiple feeds (NVD, Red Hat,...
CVE-2025-14705 Shiguangwu sgwbox N3 SHARESERVER Feature command injection
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
CVE-2025-14705 Shiguangwu sgwbox N3 SHARESERVER Feature command injection
A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...
SGWBox N3 命令注入漏洞
SGWBox N3 is a network storage device from China's Pickup Dock SGWBox. A command injection vulnerability exists in SGWBox N3 version 2.0.25, which stems from incorrect manipulation of the parameter params in the component SHARESERVER Feature, which could lead to command injection...