Lucene search
K

397 matches found

CVE
CVE
added 2026/05/12 7:15 p.m.18 views

CVE-2026-44868

CVE-2026-44868 affects the web-based management interfaces of AOS-8 and AOS-10. Description: authenticated remote command injection could allow execution of arbitrary OS commands. CVSS v3.1 base score 7.2 (HIGH) with network attack vector, low access complexity, and privileges required as HIGH. I...

8.8CVSS6.1AI score0.00896EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 7:13 p.m.37 views

CVE-2026-44867 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00896EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 7:12 p.m.15 views

CVE-2026-44866

The vulnerability affects the web-based management interface of AOS-8 and AOS-10 Operating Systems. The issue is a command injection in the web interface that could allow an authenticated remote attacker to execute arbitrary commands on the underlying OS . Documented by multiple sources, the CVE ...

8.8CVSS6.1AI score0.00896EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 7:12 p.m.35 views

CVE-2026-44865 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00918EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:38 p.m.36 views

CVE-2026-23823 Authenticated Command Injection leads to RCE in AOS-10 CLI Command

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

7.2CVSS0.00957EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 6:35 p.m.17 views

CVE-2026-23821

CVE-2026-23821 affects Access Points running AOS-10. The issue exists in the configuration processing logic and could allow an authenticated remote attacker to execute system commands on the underlying OS under certain pre‑existing conditions. Impact is described as arbitrary command execution wi...

7.2CVSS6.1AI score0.00616EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:35 p.m.7 views

CVE-2026-23821 Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00616EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:34 p.m.8 views

CVE-2026-23820 Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI

A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlyin...

7.2CVSS6.1AI score0.00555EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2026/04/29 12:0 a.m.100 views

Atlona ATOMERX21 - Authenticated Command Injection

// Exploit Title: Atlona AT-OME-RX21 Authenticated Command Injection // Google Dork: N/A // Date: 2025-12-28 // Exploit Author: RIZZZIOM // Vendor Homepage: https://atlona.com // Software Link: https://atlona.com/product/at-ome-rx21/ // Version: Firmware -u -p -l -P -c package main import "bytes"...

6.3CVSS5.3AI score0.01143EPSS
Exploits2
EUVD
EUVD
added 2026/04/17 9:31 p.m.7 views

EUVD-2026-23521

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

8.8CVSS6AI score0.01787EPSS
Exploits0References4
NVD
NVD
added 2026/04/17 8:16 p.m.9 views

CVE-2026-35682

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

8.8CVSS0.01787EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/17 7:46 p.m.21 views

CVE-2026-35682 Anviz CX2 Lite Command Injection

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

8.8CVSS0.01787EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/14 8:37 p.m.3 views

CVE-2026-24893 openITCOCKPIT has Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contains a command injection vulnerability that allows an authenticated user with permission to add or modify hosts to execute arbitrary OS commands on th...

8.8CVSS6.4AI score0.01398EPSS
Exploits0References3
CVE
CVE
added 2026/04/14 8:37 p.m.12 views

CVE-2026-24893

openITCOCKPIT Community Edition

8.8CVSS6.4AI score0.01398EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/29 6:30 p.m.6 views

EUVD-2026-17041

In Sofia on Xiongmai DVR/NVR AHB7008T-MH-V2 and NBD7024H-P 4.03.R11 devices, root OS command injection can occur via shell metacharacters in the HostName value via an authenticated DVRIP protocol TCP port 34567 request to the NetWork.NetCommon configuration handler, because system is used...

8.8CVSS5.9AI score0.01539EPSS
Exploits0References3
OSV
OSV
added 2026/03/17 11:43 p.m.6 views

CVE-2026-27811 Roxy-WI has a Command Injection via diff parameter in config comparison allows authenticated RCE

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.3, a command injection vulnerability exists in the /config/compare///show endpoint, allowed authenticated users to execute arbitrary system commands on the app host. The vulnerability...

8.8CVSS6.2AI score0.02037EPSS
Exploits1References5
CVE
CVE
added 2026/03/11 3:13 a.m.10 views

CVE-2026-23816

The CVE-2026-23816 entry describes a vulnerability in the command line interface of AOS-CX Switches that could allow an authenticated remote attacker to execute arbitrary OS commands. The CVSSv3.1 base score is 7.2 (HIGH) with network access, low attack complexity, and privileges required: HIGH, ...

7.2CVSS6.1AI score0.00671EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 3:13 a.m.29 views

CVE-2026-23816 Authenticated Command Injection found in admin AOS-CX CLI command

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00671EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 3:11 a.m.5 views

CVE-2026-23814 Authenticated Command Injection found in AOS-CX CLI Command

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior...

8.8CVSS5.8AI score0.0055EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/03/10 4:1 p.m.144 views

Exploit for OS Command Injection in Gl-Inet Gl-Mt300N-V2_Firmware

GL-InjectoR: CVE-2022-31898 Authenticated Command Injection in...

6.8CVSS5.8AI score0.15933EPSS
Exploits4
Rows per page
Query Builder