Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

242 matches found

CVE
CVEadded 2025/12/03 12:0 a.m.17 views

CVE-2025-57202

CVE-2025-57202 describes a stored XSS in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003. The vulnerability allows an attacker to inject arbitrary web scripts/HTML via a crafted payload in the username field. According to the provided metrics, the CVSS v...

6.1CVSS5.2AI score0.0051EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/12/03 12:0 a.m.6 views

PT-2025-48938

A stored cross-site scripting XSS vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the username field...

6.1CVSS5.7AI score0.0051EPSS
Exploits2References4
CNNVD
CNNVDadded 2025/12/03 12:0 a.m.5 views

AVTech DGM1104 安全漏洞

AVTech DGM1104 is a network video recorder from AVTech Corporation of Taiwan, China. A security vulnerability exists in the AVTech DGM1104 FullImg-1015-1004-1006-1003 version, which originates from an authenticated command injection in the SMB server functionality, and could lead to the execution...

8.8CVSS7.3AI score0.07135EPSS
Exploits2References4
CNNVD
CNNVDadded 2025/12/03 12:0 a.m.5 views

AVTech DGM1104 安全漏洞

AVTech DGM1104 is a network video recorder from AVTech Corporation of Taiwan, China. A security vulnerability exists in the AVTech DGM1104 FullImg-1015-1004-1006-1003 version, which stems from a command injection in the Machine.cgi endpoint that could lead to the execution of arbitrary commands...

8.8CVSS7.5AI score0.02325EPSS
Exploits1References4
CNNVD
CNNVDadded 2025/12/03 12:0 a.m.3 views

AVTech DGM1104 安全漏洞

AVTech DGM1104 is a network video recorder from AVTech Corporation of Taiwan, China. A security vulnerability exists in the AVTech DGM1104 FullImg-1015-1004-1006-1003 version, which originates from an authenticated command injection in the NetFailDetectD binary file, and could lead to the executi...

8.8CVSS7.3AI score0.0296EPSS
Exploits2References4
CNNVD
CNNVDadded 2025/12/03 12:0 a.m.3 views

AVTech DGM1104 安全漏洞

AVTech DGM1104 is a network video recorder from AVTech Corporation of Taiwan, China. A security vulnerability exists in the AVTech DGM1104 FullImg-1015-1004-1006-1003 version, which originates from an authenticated command injection in the testmail function and could lead to the execution of...

6.5CVSS7.3AI score0.02088EPSS
Exploits2References4
CVE
CVEadded 2025/12/03 12:0 a.m.10 views

CVE-2025-57200

The CVE-2025-57200 issue concerns AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003. Affected component: test_mail function, where an authenticated command injection flaw exists. Under the documented vector, an attacker with authenticated access can craft input to execute arbitrary ...

6.5CVSS8AI score0.02088EPSS
Exploits2References3Affected Software1
CVE
CVEadded 2025/12/03 12:0 a.m.15 views

CVE-2025-57201

CVE-2025-57201 affects AVTECH SECURITY DGM1104 FullImg-1015-1004-1006-1003. The issue is an authenticated command-injection vulnerability in the SMB server function that allows an attacker to execute arbitrary commands via a crafted input. CVSSv3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with...

8.8CVSS8AI score0.07135EPSS
Exploits2References3Affected Software1
Cvelist
Cvelistadded 2025/12/03 12:0 a.m.15 views

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

0.0296EPSS
Exploits2References3
CVE
CVEadded 2025/12/03 12:0 a.m.12 views

CVE-2025-57198

Summary: CVE-2025-57198 affects AVTECH SECURITY Corporation DGM1104 devices (FullImg-1015-1004-1006-1003). A vulnerability in the Machine.cgi endpoint allows authenticated attackers to inject commands and execute arbitrary code. The exploited input is crafted to trigger the command injection. The...

8.8CVSS8AI score0.02325EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploitadded 2025/10/13 1:9 p.m.171 views

Exploit for CVE-2025-57199

AvTech PoCs PoCs for...

4.8CVSS7.1AI score0.07135EPSS
Exploits5
The Hacker News
The Hacker Newsadded 2025/10/13 10:12 a.m.6 views

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Malware campaigns distributing the RondoDox botnet have expanded their targeting focus to exploit more than 50 vulnerabilities across over 30 vendors. The activity, described as akin to an "exploit shotgun" approach, has singled out a wide range of internet-exposed infrastructure, including...

8.8CVSS6.9AI score0.99999EPSS
Exploits7
EUVD
EUVDadded 2025/10/09 9:31 p.m.6 views

EUVD-2016-10792

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS7.3AI score0.04EPSS
Exploits0References7
NVD
NVDadded 2025/10/09 9:15 p.m.6 views

CVE-2016-15047

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS0.04EPSS
Exploits0References6
CVE
CVEadded 2025/10/09 9:10 p.m.20 views

CVE-2016-15047

CVE-2016-15047 (AVTECH CloudSetup.cgi): Authenticated OS command injection via the exefile parameter in CloudSetup.cgi. The parameter is passed to system command execution without proper validation/whitelisting, enabling an authenticated attacker to run arbitrary commands as root and potentially ...

8.7CVSS7.4AI score0.04EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/10/09 9:10 p.m.2 views

CVE-2016-15047 AVTECH CloudSetup.cgi Authenticated Command Injection

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS7.4AI score0.04EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/10/09 9:10 p.m.9 views

CVE-2016-15047 AVTECH CloudSetup.cgi Authenticated Command Injection

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS0.04EPSS
Exploits0References6
CNNVD
CNNVDadded 2025/10/09 12:0 a.m.5 views

AVTECH IP camera 安全漏洞

AVTECH IP camera is a series of network security cameras from AVTECH, a Taiwan, China-based company. A security vulnerability exists in AVTECH IP camera, which stems from an exefile parameter in the CloudSetup.cgi management endpoint that is not properly authenticated or whitelisted, which could...

8.7CVSS7.1AI score0.04EPSS
Exploits0References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2008-3924

Malware in sbrugna...

7.5CVSS6.4AI score0.01695EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2019-4875

Malware in sbrugna...

9CVSS8.5AI score0.02995EPSS
Exploits1References4
Rows per page
Query Builder