Lucene search
K

62 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.11 views

CVE-2021-33963

China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/macaddrclone receives parameters by POST request, and the parameter macType has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

10CVSS7.8AI score0.03071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.10 views

CVE-2021-33962

China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/popusbdevice component...

10CVSS7.5AI score0.03708EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-17160

Malware in sbrugna...

9.8CVSS9.4AI score0.0327EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-12695

Malware in sbrugna...

9.8CVSS9.2AI score0.02809EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-20633

Malware in sbrugna...

10CVSS9.2AI score0.03708EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-17166

Malware in sbrugna...

9.8CVSS9.4AI score0.0327EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:26 p.m.11 views

CVE-2021-30233

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iptvvlan parameter...

9.8CVSS8AI score0.0327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.10 views

CVE-2021-30232

The api/ZRIGMP/setIGMPPROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the IGMPPROXYWANCONNECT parameter...

9.8CVSS8AI score0.0327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.16 views

CVE-2021-30234

The api/ZRIGMP/setMLDPROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the MLDPROXYWANCONNECT parameter...

9.8CVSS8AI score0.0327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.8 views

CVE-2021-30231

The api/zrDm/setZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the bssaddr, abiaddr, devtoken, devid, elinksync, or elinkprocenable parameter...

9.8CVSS8AI score0.0327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:26 p.m.8 views

CVE-2021-25812

Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/setonlineclient...

9.8CVSS7.3AI score0.02809EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:9 p.m.7 views

CVE-2021-30228

The api/ZRAndlink/setZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the iandlinkprocenable parameter...

9.8CVSS8AI score0.0327EPSS
Exploits1References1
NVD
NVD
added 2022/01/18 1:15 p.m.17 views

CVE-2021-33965

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

8.8CVSS0.02871EPSS
Exploits0References4
Prion
Prion
added 2022/01/18 1:15 p.m.18 views

Command injection

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

6.5CVSS9AI score0.02871EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/01/18 12:15 p.m.19 views

CVE-2021-33964

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

8.8CVSS0.02871EPSS
Exploits0References4
Prion
Prion
added 2022/01/18 12:15 p.m.20 views

Command injection

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

6.5CVSS9AI score0.02871EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2022/01/18 12:1 p.m.47 views

CVE-2021-33965

CVE-2021-33965 affects China Mobile An Lianbao WF-1 V1.0.1 router. The web interface at /api/ZRMesh/set_ZRMesh processes POST parameters mesh_enable and mesh_device and can be abused to perform command injection, enabling remote command execution. This is described across multiple feeds (NVD/Red ...

8.8CVSS8.9AI score0.02871EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/01/18 12:1 p.m.21 views

CVE-2021-33965

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/setZRMesh which receives parameters by POST request, and the parameter meshenable and meshdevice have a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

9.2AI score0.02871EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/01/18 11:26 a.m.25 views

CVE-2021-33964

China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter/setfirewalllevel which receives parameters by POST request, and the parameter firewalllevel has a command injection vulnerability. An attacker can use the vulnerability to execute remote commands...

9.2AI score0.02871EPSS
Exploits0References4
CVE
CVE
added 2022/01/18 11:26 a.m.50 views

CVE-2021-33964

CVE-2021-33964 affects the China Mobile An Lianbao WF-1 router (V1.0.1). The issue is a command injection in the web interface endpoint /api/ZRRuleFilter/set_firewall_level, where POSTing the firewall_level parameter can lead to remote command execution. Documented details identify the vulnerable...

8.8CVSS8.9AI score0.02871EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder