86 matches found
EUVD-2016-9440
Malware in sbrugna...
EUVD-2007-5705
Malware in sbrugna...
EUVD-2018-15849
Malware in sbrugna...
EUVD-2010-1729
Malware in sbrugna...
EUVD-2025-26141
Malicious code in bioql PyPI...
CVE-2025-9575
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command...
CVE-2025-9575
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command...
CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command...
CVE-2025-50464
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...
CVE-2025-50464
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...
CVE-2025-50464
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENTTYPE HTTP header into a fixed-size stack buffer v8, allocated 8 bytes without...
ipTIME NAS 安全漏洞
ipTIME NAS is a wireless router product from the Korean company ipTIME that provides NAS network attached storage. A security vulnerability exists in ipTIME NAS version v1.5.04, which stems from improper use of the strcpy function in the upload.cgi module, which could lead to a pre-authentication...
PT-2025-31431 · Iptime · Iptime Nas Firmware
Name of the Vulnerable Software and Affected Versions: iptime NAS firmware version 1.5.04 Description: A buffer overflow exists in the upload.cgi module due to the unsafe use of the strcpy function. This function copies data from the CONTENT TYPE HTTP header into a fixed-size stack buffer 8 bytes...
CVE-2025-7076
A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiat...
CVE-2025-45029
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENTLENGTH variable at /cgi-bin/upload.cgi...
CVE-2025-44879
WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
Winstars WS-WN572HP3 安全漏洞
Winstars WS-WN572HP3 is a wireless access point from Winstars China. A security vulnerability exists in Winstars WS-WN572HP3 version V230525, which originates from a buffer overflow in the file /www/cgi-bin/upload.cgi, which could lead to a denial of service attack...
CVE-2024-48760
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution...
CVE-2024-48760
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution...
The vulnerability of the httpd upload.cgi component of InHand Networks’ InRouter302 microprogramming router software allows for unlimited uploading of dangerous files, enabling attackers to upload any desired files.
The vulnerability of the httpdupload.cgi component of InHand Networks’ InRouter302 microprogramming system involves unlimited uploading of dangerous files. Exploiting this vulnerability allows a malicious actor to upload any files into the system using a specially created HTTP request...