InHand Networks InRouter302 操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.37 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

InHand Networks InRouter302操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.4 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

InHand Networks InRouter302 操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version V3.5.37 contains an operating system command injection vulnerability that can be exploited by attackers to cause arbitrary command execution...

The vulnerability of the cgi-bin/webupg component in D-Link DIR-825AC G1 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the cgi-bin/webupg component in D-Link DIR-825AC G1 router microprogramming software is related to incorrect processing of the cmd parameter. Exploiting this vulnerability allows an attacker to execute arbitrary commands using a specially created POST request...

InHand Networks InRouter Series 操作系统命令注入漏洞

InHand Networks InRouter Series is a series of routers from InHand Networks, Inc. InHand Networks InRouter302 version 3.5.4 has an operating system command injection vulnerability that can be exploited by attackers to execute arbitrary commands with the help of specially crafted network requests...

InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability

Summary An OS command injection vulnerability exists in the httpd wlscanASP functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested...

Tenda AC15 Command Injection Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. The Tenda AC15 has a security vulnerability that can be exploited by an attacker to cause unconditional arbitrary command execution in conjunction with CVE-2021-44971...

CVE-2022-28583

It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28584

It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28575

It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows attackers to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28577

It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28584

It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28581

It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2022-28695

On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows...

CVE-2022-28695

CVE-2022-28695 affects F5 BIG-IP AFM/ TMUI: an authenticated attacker with high privileges can upload a maliciously crafted file via the BIG-IP AFM Configuration utility to execute arbitrary commands on the system. Affected branches and fixes (per vendor advisory): BIG-IP AFM 16.1.x versions 16.1...

PT-2022-19172 · F5 · Big-Ip Afm

Name of the Vulnerable Software and Affected Versions: F5 BIG-IP AFM versions prior to 16.1.2.2 F5 BIG-IP AFM versions prior to 15.1.5.1 F5 BIG-IP AFM versions prior to 14.1.4.6 F5 BIG-IP AFM versions prior to 13.1.5 Description: An authenticated attacker with high privileges can upload a...

Jfinal CMS 安全漏洞

Jfinal CMS is a powerful information consulting website developed in java, using the simple and powerful JFinal as a web framework, template engine with beetl, database with mysql, front-end bootstrap framework. jfinal CMS version 5.0.1 has a command injection vulnerability, which originates from...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router from TOTOLINK China. A command injection vulnerability exists in the delParentalRules interface of the TOTOLINK A7100RU v7.4cu.2313b20191024 router, which can be exploited by an attacker to execute arbitrary commands via a carefully constructed attack...

CVE-2022-20799

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...

CVE-2022-20801

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to...