CVE-2026-26514

An Argument Injection vulnerability exists in bird-lg-go before commit 6187a4e. The traceroute module uses shlex.Split to parse user input without validation, allowing remote attackers to inject arbitrary flags e.g., -w, -q via the q parameter. This can be exploited to cause a Denial of Service D...

Bird-lg-go 安全漏洞

Bird-lg-go is a BGP routing query tool developed by Yuhui Xu. Previous versions of bird-lg-go, including 6187a4e, contained security vulnerabilities. These vulnerabilities stemmed from the traceroute module’s use of shlex.Split to parse user input without proper validation. This could allow remot...

EUVD-2023-56416

Malicious code in bioql PyPI...

CVE-2023-51719

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Traceroute parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

PT-2024-14258 · Skyworth · Skyworth Router Cm5100

Name of the Vulnerable Software and Affected Versions: Skyworth Router CM5100 version 4.1.1.24 Description: This issue is due to insufficient validation of user-supplied input for the Traceroute parameter at the web interface. A remote attacker could exploit this by supplying specially crafted...