Lucene search
K

41 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-38984

Malicious code in bioql PyPI...

6.1CVSS7AI score0.0074EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-38983

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.0106EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-38982

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.01207EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:10 a.m.8 views

CVE-2022-36265

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...

7.2CVSS7.3AI score0.0106EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:12 p.m.9 views

CVE-2022-36267

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...

9.8CVSS8.4AI score0.53752EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.14 views

CVE-2022-36264

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...

9.1CVSS7.1AI score0.01207EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2024/01/08 10:23 p.m.541 views

Exploit for CVE-2022-36267

CVE-2022-36267 - Airspan AirSpot 5410 Unauthenticated Remote C...

9.8CVSS9.8AI score0.53752EPSS
Exploits5
The Hacker News
The Hacker News
added 2023/02/17 9:25 a.m.62 views

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different...

7.5CVSS1.1AI score0.70252EPSS
Exploits2
VulnCheck KEV
VulnCheck KEV
added 2023/02/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-36267

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...

9.8CVSS7.4AI score0.53752EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2022/11/23 12:0 a.m.14 views

Airspan AirSpot 5410 Command Injection (CVE-2022-36267)

A command injection vulnerability exists in Airspan AirSpot 5410. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5AI score0.53752EPSS
Exploits5
Saint
Saint
added 2022/09/27 12:0 a.m.112 views

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...

8.4AI score
Exploits0
Saint
Saint
added 2022/09/27 12:0 a.m.201 views

Airspan AirSpot pingDiagnostic command injection

Added: 09/27/2022 Background Airspan AirSpot 5410 is an advanced, LTE, CAT12, outdoor, multi-service product specifically designed to meet data needs for residential, business and enterprise users. Problem A command injection vulnerability when diagnostics.cgi handles the pingDiagnostic command...

8.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/09/20 12:0 a.m.86 views

Airspan AirSpot 5410 version 0.3.4.1 - Remote Code Execution (RCE)

Exploit Title: Airspan AirSpot 5410 version 0.3.4.1 - Remote Code Execution RCE Date: 7/26/2022 Exploit Author: Samy Younsi NSLABS https://samy.link Vendor Homepage: https://www.airspan.com/ Software Link: https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf Version: 0.3.4.1-4 and under. Tested on:...

9.8CVSS9.7AI score0.53752EPSS
Exploits5
NVD
NVD
added 2022/08/08 3:15 p.m.36 views

CVE-2022-36267

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...

9.8CVSS0.53752EPSS
Exploits5References3
OSV
OSV
added 2022/08/08 3:15 p.m.4 views

CVE-2022-36267

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...

9.8CVSS6AI score0.53752EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2022/08/08 3:15 p.m.227 views

CVE-2022-36267

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code...

9.8CVSS7.7AI score0.53752EPSS
In wildExploits5References4
OSV
OSV
added 2022/08/08 3:15 p.m.3 views

CVE-2022-36266

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a stored XSS vulnerability. As the binary file /home/www/cgi-bin/login.cgi does not check if the user is authenticated, a malicious actor can craft a specific request on the login.cgi endpoint that contains a base32 encoded XSS...

6.1CVSS5.8AI score0.0074EPSS
Exploits3References3
NVD
NVD
added 2022/08/08 3:15 p.m.20 views

CVE-2022-36265

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...

7.2CVSS0.0106EPSS
Exploits1References2
NVD
NVD
added 2022/08/08 3:15 p.m.36 views

CVE-2022-36266

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a stored XSS vulnerability. As the binary file /home/www/cgi-bin/login.cgi does not check if the user is authenticated, a malicious actor can craft a specific request on the login.cgi endpoint that contains a base32 encoded XSS...

6.1CVSS0.0074EPSS
Exploits3References3
NVD
NVD
added 2022/08/08 3:15 p.m.26 views

CVE-2022-36264

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...

9.1CVSS0.01207EPSS
Exploits1References2
Rows per page
Query Builder