7617 matches found
Ruijie RG-EW1200G PRO 安全漏洞
The Ruijie RG-EW1200G PRO is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1200G PRO that stems from improper handling of a specially crafted POST request for moduleget in the file /usr/local/lua/devsta/networkConnect.lua, which could lead to the executio...
Ruijie X30 PRO 安全漏洞
Ruijie X30 PRO is a home wireless router from Ruijie China. A security vulnerability exists in the Ruijie X30 PRO X30-PRO-V109241521 version, which stems from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to the...
D-Link DCS-930L Command Injection Vulnerability
D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...
PT-2025-50325
Unauthenticated Telnet enablement via cstecgi.cgi auth bypass leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369 B20230113 arbitrary command execution. Earlier versions that share the same implementation, may also be affected...
Jenkins plugin Git client 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
AZL-72556 CVE-2025-2296 affecting package edk2 for versions less than 20230301gitf80f052277c8-44
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
CVE-2025-2296
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
Linux Distros Unpatched Vulnerability : CVE-2025-2296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where an attacker may cause Improper Input Validation by local access. Successful exploitation of this vulnerability could...
CVE-2025-27020 Improper configuration of SSH service in Infinera MTC-9
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0...
EUVD-2025-201427
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to execute arbitrary system commands...
CVE-2025-64053
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...
Array Networks ArrayOS AG 操作系统命令注入漏洞
Array Networks ArrayOS AG is an SSL-VPN product from Array Networks, Inc. that enables secure remote access regardless of user, device or location. Providing scalable and controlled remote and mobile access to corporate networks, enterprise applications and cloud services for any user, any device...
PT-2025-49252
Name of the Vulnerable Software and Affected Versions Fanvil x210 V2 version 2.12.20 Description An issue exists that allows unauthenticated attackers on the local network to execute arbitrary system commands. Recommendations Update to a newer version that contains a fix for this vulnerability...
Flexsense DiskBoss 代码问题漏洞
Flexsense DiskBoss is a disk management tool from Flexsense, Inc. A code issue vulnerability exists in Flexsense DiskBoss version 11.7.28, which stems from unquoted service paths and could allow an attacker to elevate privileges and execute arbitrary system commands...
Fanvil x210 安全漏洞
Fanvil x210 is an IP telephony device from Fanvil. A security vulnerability exists in the Fanvil x210 version 2.12.20, which originates from reflective cross-site scripting and could result in a denial of service or execution of arbitrary commands...
CVE-2025-64054
A reflected Cross Site Scripting XSS vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...
CVE-2025-64053
A Buffer overflow vulnerability on Fanvil x210 2.12.20 devices allows attackers to cause a denial of service or potentially execute arbitrary commands via crafted POST request to the /cgi-bin/webconfig?page=upload&action=submit endpoint...
CVE-2025-57200
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the testmail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...