CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

408 matches found

Prion•added 2018/12/03 10:29 p.m.•21 views

Command injection

System command injection in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

7.5CVSS9.9AI score0.19994EPSS

Exploits5References2Affected Software1

NVD•added 2018/12/03 10:29 p.m.•19 views

CVE-2018-14699

System command injection in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

9.8CVSS10AI score0.29398EPSS

Exploits1References1

Cvelist•added 2018/12/03 10:0 p.m.•21 views

CVE-2018-14699

System command injection in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

10AI score0.29398EPSS

Exploits1References1

Cvelist•added 2018/12/03 10:0 p.m.•28 views

CVE-2018-14701

System command injection in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter...

10AI score0.19994EPSS

Exploits5References2

Cvelist•added 2018/12/03 10:0 p.m.•15 views

CVE-2018-14706

System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request...

10AI score0.17113EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•3 views

TerraMaster TOS System Command Injection Vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php file in...

9CVSS9.2AI score0.05185EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26658)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php endpoint in...

9CVSS9.2AI score0.24946EPSS

Exploits1References1

CNVD•added 2018/11/28 12:0 a.m.•2 views

TerraMaster TOS System Command Injection Vulnerability (CNVD-2018-26664)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A system command injection vulnerability exists in the ajaxdata.php endpoint in...

9CVSS9.2AI score0.05945EPSS

Exploits1References1

NVD•added 2018/11/27 9:29 p.m.•7 views

CVE-2018-13418

System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter...

9CVSS9.1AI score0.05185EPSS

Exploits1References1

OSV•added 2018/11/27 9:29 p.m.•2 views

CVE-2018-13358

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter...

8.8CVSS5.9AI score0.24946EPSS

Exploits1References1

OSV•added 2018/11/27 9:29 p.m.•2 views

CVE-2018-13330

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter...

7.2CVSS5.9AI score0.08136EPSS

Exploits1References1

OSV•added 2018/11/27 9:29 p.m.•4 views

CVE-2018-13336

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "pwd" parameter during user creation...

9.8CVSS5.9AI score0.091EPSS

Exploits1References1

Prion•added 2018/11/27 9:29 p.m.•14 views

Command injection

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation...

10CVSS9.8AI score0.10226EPSS

Exploits1References1Affected Software1

NVD•added 2018/11/27 9:29 p.m.•14 views

CVE-2018-13353

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter...

9CVSS9.2AI score0.05945EPSS

Exploits1References1

NVD•added 2018/11/27 9:29 p.m.•17 views

CVE-2018-13330

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter...

9CVSS7.5AI score0.08136EPSS

Exploits1References1

NVD•added 2018/11/27 9:29 p.m.•16 views

CVE-2018-13338

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "username" parameter during user creation...

10CVSS9.9AI score0.10226EPSS

Exploits1References1

NVD•added 2018/11/27 9:29 p.m.•18 views

CVE-2018-13358

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "checkName" parameter...

9CVSS9.2AI score0.24946EPSS

Exploits1References1

Cvelist•added 2018/11/27 9:0 p.m.•11 views

CVE-2018-13023

System command injection vulnerability in wifiaccess in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter...

9.1AI score0.23955EPSS

Exploits1References1

Cvelist•added 2018/11/27 9:0 p.m.•15 views

CVE-2018-13316

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "subnet" POST parameter...

9.9AI score0.03195EPSS

Exploits1References1

Cvelist•added 2018/11/27 9:0 p.m.•17 views

CVE-2018-13330

System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands during group creation via the "groupname" parameter...

8.1AI score0.08136EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by