637 matches found
CVE-2026-8913
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
[SECURITY] Fedora 44 Update: tailscale-1.98.4-1.fc44
The easiest, most secure way to use WireGuard and 2FA...
CVE-2026-8913
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
EUVD-2026-35176
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
CVE-2026-8913 Command Injection in TP-Link's Archer MR600 WireGuard Client Configuration
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
CVE-2026-8913 Command Injection in TP-Link's Archer MR600 WireGuard Client Configuration
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
CVE-2026-8913
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
PT-2026-47442
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when...
TP-Link Archer MR600 操作系统命令注入漏洞
The TP-Link Archer MR600 is a wireless router produced by TP-Link Corporation. The TP-Link Archer MR600 v5 version has a vulnerability related to operating system command injection. This vulnerability stems from improper handling of user-controlled inputs in the web management interface, leading ...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
InHand IR Series 安全漏洞
The InHand IR Series is a series of industrial-grade cellular wireless routers produced by InHand Corporation in the United States. The InHand IR Series contains a security vulnerability, which stems from command injection in the WireGuard VPN function. This vulnerability may allow attackers to...
CVE-2026-38704
A command injection vulnerability exists in the WireGuard VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target...
PT-2026-44405
Name of the Vulnerable Software and Affected Versions InHand Networks IR302 versions prior to V3.5.108 InHand Networks IR305 versions prior to V1.0.118 InHand Networks IR315 versions prior to V1.0.118 InHand Networks IR615 versions prior to V1.0.118 Description A command injection issue exists in...
CVE-2026-38704
CVE-2026-38704 describes a command injection vulnerability in the WireGuard VPN feature of InHand Networks firmware. Affected devices include IR302 (V3.5.108), IR305 (V1.0.118), IR315 (V1.0.118), IR615 (V1.0.118), and earlier versions. Successful exploitation can yield ROOT privileges on remote t...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Check for a dangling peer via isdead instead of an empty list If all peers are removed using wgpeerremoveall, rather than setting peerlist to empty, the peer is added to a temporary list at the beginning of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wireguard: Receive: Annotated data-race around receivingcounter.counter. Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the dat...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: WireGuard: netlink: Access the device through ctx instead of peer. The previous commit fixed a bug that resulted in a NULL peer-device being dereferenced. In terms of performance, it is actually easier and faster to obtain the...