Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2025/12/11 6:16 p.m.3 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

8.8CVSS0.0028EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/11 12:0 a.m.3 views

CVE-2025-56088

OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the actionservice in file /usr/lib/lua/luci/controller/admin/service.lua...

7.5AI score0.0028EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/12/11 12:0 a.m.4 views

PT-2025-50658

Name of the Vulnerable Software and Affected Versions Ruijie RG-BCR RG-BCR860 affected versions not specified Description An issue exists that allows attackers to execute arbitrary commands. This can be triggered by sending a specially crafted POST request to the action service within the file...

8.8CVSS7AI score0.0028EPSS
Exploits1References5
CVE
CVEadded 2025/01/03 9:31 p.m.50 views

CVE-2024-13129

CVE-2024-13129 affects Roxy-WI up to version 8.1.3. The vulnerability resides in action_service (file app/modules/roxywi/roxy.py): manipulating the action/service argument enables operating system command injection. The issue can be exploited remotely and publicly disclosed exploits exist. Mitiga...

9CVSS9.2AI score0.05632EPSS
Exploits0References8
CNNVD
CNNVDadded 2025/01/03 12:0 a.m.1 views

Roxy-WI 操作系统命令注入漏洞

Roxy-WI is a Roxy-WI open source web interface for managing Haproxy, Nginx and Keepalived servers. An operating system command injection vulnerability exists in Roxy-WI 8.1.3 and earlier versions, which stems from the parameter action/service in the actionservice function of the file...

9CVSS8.9AI score0.05632EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2025/01/03 12:0 a.m.3 views

PT-2025-2015 · Roxy-Wi · Roxy-Wi

Name of the Vulnerable Software and Affected Versions: Roxy-WI versions up to 8.1.3 Description: A critical issue has been found in Roxy-WI, affecting the action service function of the file app/modules/roxywi/roxy.py. The manipulation of the action/service argument leads to os command injection...

9CVSS9.2AI score0.05632EPSS
Exploits0References14
Positive Technologies
Positive Technologiesadded 2024/10/31 12:0 a.m.2 views

PT-2024-16394 · Safenet · Esafenet Cdg 5

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG 5 Description: A critical vulnerability has been found in ESAFENET CDG 5, affecting the function delPolicyAction of the file /com/esafenet/servlet/system/PolicyActionService.java. The manipulation of the argument id leads to SQL...

9.8CVSS7.4AI score0.00106EPSS
Exploits1References15
Rows per page
Query Builder