20 matches found
EUVD-2025-1820
Malicious code in bioql PyPI...
EUVD-2023-47893
Malicious code in bioql PyPI...
CVE-2025-0697
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely...
CVE-2023-43477
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2025-0697 Telstra Smart Modem Gen 2 HTTP Header injection
A vulnerability, which was classified as problematic, was found in Telstra Smart Modem Gen 2 up to 20250115. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Content-Disposition leads to injection. It is possible to initiate the attack remotely...
CVE-2025-0697
Telstra Smart Modem Gen 2 (up to 20250115) is affected by a vulnerability in the HTTP Header Handler where manipulation of the Content-Disposition argument leads to injection. The issue can be triggered remotely. Affected component/file: HTTP Header Handler; root cause described as Content-Dispos...
Telstra Smart Modem 安全漏洞
Telstra Smart Modem is a smart modem from Telstra. A security vulnerability exists in Telstra Smart Modem Gen 2 20250115 and earlier versions, which stems from the parameter Content-Disposition of the component HTTP Header Handler can lead to injection...
VulnCheck KEV: CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code...
CVE-2023-43478
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
Remote code execution
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
Command injection
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43478 Unauthenticated configuration restore and firmware update
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43478
The CVE-2023-43478 entry concerns Telstra Smart Modem Gen 2 (Arcadyan LH1000) with firmware versions prior to 0.18.15r. The vulnerability stems from the fake_upload.cgi endpoint, which allows unauthenticated uploads of firmware images and configuration backups, potentially enabling an attacker to...
CVE-2023-43478 Unauthenticated configuration restore and firmware update
fakeupload.cgi on the Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, allows unauthenticated attackers to upload firmware images and configuration backups, which could allow them to alter the firmware or the configuration on the device, ultimately leading to code execution ...
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
CVE-2023-43477
CVE-2023-43477 affects Telstra Smart Modem Gen 2 (Arcadyan LH1000). The flaw is in the web UI component ping_tracerte.cgi: the ping_from parameter is not properly sanitized before being used in a system call, enabling a authenticated user to perform a command injection as root on firmware versions
CVE-2023-43477 Post-Auth Command Injection in Telstra Smart Modem Gen 2 (Arcadyan LH1000)
The pingfrom parameter of pingtracerte.cgi in the web UI of Telstra Smart Modem Gen 2 Arcadyan LH1000, firmware versions 0.18.15r, was not properly sanitized before being used in a system call, which could allow an authenticated attacker to achieve command injection as root on the device...
Telstra Smart Modem Command Injection Vulnerability
Telstra Smart Modem is a smart modem from Telstra. A security vulnerability exists in Telstra Smart Modem Gen 2 firmware prior to version 0.18.15r, which originates from a vulnerability that allows an authenticated attacker to achieve command injection as root via the pingfrom parameter...
Telstra Smart Modem Code Issue Vulnerability
Telstra Smart Modem is a smart modem from Telstra. A security vulnerability exists in Telstra Smart Modem Gen 2 firmware prior to version 0.18.15r, which originates from a vulnerability that could allow an authenticated attacker to alter the firmware or configuration on the device and execute cod...