GL-Inet GL-AXT1800 安全漏洞

The GL-Inet GL-AXT1800 is a WiFi6 wireless router from GL-Inet China. A security vulnerability exists in the GL-Inet GL-AXT1800 v4.6.8, which stems from improper input cleanup of the plugins.installpackage RPC method, which could lead to the execution of arbitrary commands...

GHSA-H4RF-624J-GJ33 terminal-controller-mcp vulnerable to Command Injection

A command injection vulnerability in the executecommand function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input...

CVE-1999-0252

Buffer overflow in listserv allows arbitrary command execution...

CVE-1999-0148

The handler CGI program in IRIX allows arbitrary command execution...

CVE-1999-0302

SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server...

CVE-1999-0037

Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail...

CVE-2019-12840

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi...

CVE-2019-12767

An issue was discovered on D-Link DAP-1650 devices before 1.04B02J65H Hot Fix. Attackers can execute arbitrary commands...

CVE-2019-12585

Apcupsd 0.3.915, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsdstatus.php...

CVE-2025-61492

The CVE describes a command injection in terminal-controller-mcp 0.1.7, specifically in the execute_command function. Attackers can inject commands via crafted input to achieve arbitrary command execution, with the CVSSv3.1 scoring indicating network access, low attack complexity, and no privileg...

Kieback&Peter Neutrino-GLT 操作系统命令注入漏洞

Kieback&Peter Neutrino-GLT is a building management system from Kieback&Peter, Germany. Kieback&Peter Neutrino-GLT suffers from an operating system command injection vulnerability that stems from a shell command injection in the web component SM70 PHWEB login form, which could lead to the executi...

Passy 安全漏洞

Passy is a physical access management platform from Passy, an Italian company. A security vulnerability exists in Passy version 1.6.3 that originates from a specially crafted HTTP request and could lead to the execution of arbitrary commands...

PT-2026-4295

Name of the Vulnerable Software and Affected Versions Incus versions 6.21.0 and below IncusOS affected versions not specified Description Incus is a system container and virtual machine manager. A flaw exists where a user capable of launching containers with custom images e.g., a member of the...

CVE-2025-68700

RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. In versions prior to 0.23.0, a low-privileged authenticated user normal login account can execute arbitrary system commands on the server host process via the frontend Canvas CodeExec component, completely bypassing sandbox...

CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...

CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...

CVE-2025-68668 n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands...

CVE-2025-68668

CVE-2025-68668 affects n8n 1.x (1.0.0 up to

GHSA-62R4-HW23-CC8V n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Impact A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process...

n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node

Impact A sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. An authenticated user with permission to create or modify workflows can exploit this vulnerability to execute arbitrary commands on the host system running n8n, using the same privileges as the n8n process...