Dell PowerProtect Data Domain OS Command Injection Vulnerability (CNVD-2025-22716)

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. A security vulnerability exists in Dell PowerProtect Data Domain, which can be exploited by an attacker to potentially cause arbitrary...

Dell PowerProtect Data Domain OS Command Injection Vulnerability (CNVD-2025-22718)

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. A security vulnerability exists in Dell PowerProtect Data Domain, which can be exploited by an attacker to cause arbitrary commands to be...

Dell Unity svc_nas Utility OS Command Injection Vulnerability

Dell Unity is a set of virtual Unity storage environments from Dell USA. An operating system command injection vulnerability exists in Dell Unity 5.5 and prior versions, which stems from the svcnas utility program failing to properly filter construct command special characters, commands, etc. An...

TOTOLINK N600R Command Injection Vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz bands to work concurrently, with a maximum wireless transmission rate of up to 300Mbps. The TOTOLINK N600R suffers from a command injection vulnerability that stems from the pin...

Dell Unity svc_nfssupport utility OS command injection vulnerability

Dell Unity is a set of virtual Unity storage environments from Dell USA. An operating system command injection vulnerability exists in Dell Unity 5.5 and prior versions, which stems from the svcnfssupport utility failing to properly filter construct command special characters, commands, etc. An...

The vulnerability in the web interface for managing the Cisco Unified Intelligence Center reporting software and the Cisco Unified Contact Center Express operator automation software allows a malicious individual to execute arbitrary commands and increase their privileges.

The vulnerability in the web interface for creating reports using the Cisco Unified Intelligence Center and the Cisco Unified Contact Center Express software lies in the unlimited download of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and...

CVE-2025-54958

Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product...

CVE-2024-58255

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58257

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58256

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2025-8748

MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system...

CVE-2025-54958

Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product...

CVE-2024-58257

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58256

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58256

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58255

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58255

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58255

CVE-2024-58255 is an OS command injection vulnerability affecting Huawei EnzoH devices (e.g., EnzoH-W5611T). The root cause, as described in CNVD, is that certain variables in a get variable are set directly without validation, enabling arbitrary command execution if exploited locally. Several so...

CVE-2024-58255

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...

CVE-2024-58257

EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution...