12 matches found
EUVD-2025-13449
Malicious code in bioql PyPI...
EUVD-2024-53545
Malicious code in bioql PyPI...
CVE-2024-57222
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
NETGEAR RAX5 apcli_cancel_wps function command injection vulnerability
The NETGEAR RAX5 is a wireless router from NETGEAR. NETGEAR RAX5 suffers from a command injection vulnerability that stems from the failure of the ifname parameter in the apclicancelwps function to correctly filter constructed command special characters, commands, and so on. An attacker can explo...
CVE-2024-57234
NETGEAR RAX5 AX1600 WiFi Router V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
TOTOLINK A6000R Command Injection Vulnerability
The TOTOLINK A6000R is a high performance wireless router. A command injection vulnerability exists in TOTOLINK A6000R. The vulnerability stems from the mishandling of the apclicancelwps function, and no detailed vulnerability details are provided at this time...
CVE-2024-57222
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
CVE-2024-57222
The CVE-2024-57222 entry affects Linksys E7350 router firmware 1.1.00.032, where a command-injection vulnerability exists in the apcli_cancel_wps function reachable via the ifname parameter. This allows remote command execution on the device via crafted requests over the network. Multiple connect...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...
CVE-2024-41316
CVE-2024-41316 affects TOTOLINK A6000R firmware (version V1.0.1-B20201211.2000). The vulnerability is a command injection via the ifname parameter in the apcli_cancel_wps function, enabling arbitrary command execution with network access. Multiple sources corroborate the issue and describe the af...
CVE-2024-41316
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the ifname parameter in the apclicancelwps function...