25 matches found
EUVD-2022-41613
Malicious code in bioql PyPI...
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection...
ZTE MF286R SQL Injection Vulnerability
The ZTE MF286R is a wireless router from ZTE Corporation ZTE of China. A security vulnerability exists in the ZTE MF286R that stems from the presence of a SQL injection vulnerability...
ZTE MF286R Command Injection Vulnerability (CNVD-2023-99925)
The ZTE MF286R is a wireless router from China's ZTE Corporation ZTE. A command injection vulnerability exists in the ZTE MF286R CRLVWRGBMF286RV1.0.0B04 version, which originates from an application that fails to properly filter constructed command special characters, commands, and so on. An...
(0Day) ZTE MF286R goahead Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ZTE MF286R routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the SETDEVICELED endpoint. The...
Exploit for Command Injection in Zte Mf286R_Firmware
CVE-2022-39073 Firmware details: wainnerversion: BDPO...
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands...
Command injection
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands...
PT-2023-13684 · Zte · Zte Mf286R
Name of the Vulnerable Software and Affected Versions: ZTE MF286R affected versions not specified Description: The issue is related to a command injection vulnerability. It occurs due to insufficient validation of the input parameters, allowing an attacker to execute arbitrary commands...
ZTE MF286R和ZTE MF289D SQL注入漏洞
ZTE MF286R and ZTE MF289D are both products of ZTE Corporation ZTE, China.ZTE MF286R is a wireless router.ZTE MF289D is a home wireless router. ZTE Mobile MF286R, MF289D has a SQL injection vulnerability that originates from insufficient validation of the input parameters of the NTP interface,...
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands...
CVE-2022-39073
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands...
CVE-2022-39073
CVE-2022-39073 affects ZTE MF286R routers. Multiple connected sources confirm a command-injection due to insufficient input validation, enabling arbitrary command execution. Details across Red Hat, CNVD/CNNVD, and CVE records consistently describe the flaw and impact (RCE potential). A GitHub exp...
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection...
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack...
CVE-2022-39066
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection...
CVE-2022-39067
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack...
Sql injection
There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection...
Buffer overflow
There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack...
ZTE MF286R SQL注入漏洞
The ZTE MF286R is a wireless router from ZTE Corporation China.A SQL injection vulnerability exists in previous versions of the ZTE MF286R mf286rb07, which stems from insufficient validation of the input parameters of the phonebook interface. An authenticated attacker could use this vulnerability...