CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

RedhatCVE•added 2026/01/09 9:36 a.m.•3 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

7.2CVSS8.5AI score0.01351EPSS

Exploits1References1

Packet Storm•added 2025/12/26 12:0 a.m.•190 views

📄 Backdoor.Win32.Netbus.170 Blind Command Execution

This Metasploit module provides historical/educational exploitation of the Backdoor.Win32.Netbus.170 trojan, originally discovered in 1998. It represents a legacy proof-of-concept rather than a modern offensive security tool...

6.9AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-36171

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.03809EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-34731

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.01351EPSS

Exploits1References1

OSV•added 2024/11/11 8:15 p.m.•0 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

9.8CVSS6AI score0.01059EPSS

Exploits0References1

Positive Technologies•added 2024/10/30 12:0 a.m.•1 views

PT-2024-26872 · Engenius · Engenius Enstation5-Ac

Name of the Vulnerable Software and Affected Versions: EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0 Description: The issue allows blind OS command injection via shell metacharacters in the Ping and Speed Test parameters. This can potentially be exploited to execute unauthorized commands on t...

8.8CVSS7.6AI score0.00364EPSS

Exploits0References4

CNNVD•added 2024/10/30 12:0 a.m.•1 views

EnGenius EnStation5-AC A8J-ENS500AC 安全漏洞

The EnGenius EnStation5-AC A8J-ENS500AC is a wireless access point from EnGenius. A security vulnerability exists in the EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0, which originates from allowing blind injection of operating system commands via shell metacharacters in the parameters Ping a...

8.8CVSS7.3AI score0.00364EPSS

Exploits0References1

Packet Storm•added 2024/10/14 12:0 a.m.•349 views

TOTOLINK 9.x Command Injection

============================================================================================================================================= | Title : TOTOLINK 9.x Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits | |...

7.4AI score

Exploits0

GithubExploit•added 2024/09/16 3:33 p.m.•262 views

Exploit for OS Command Injection in Ivanti Cloud_Services_Appliance

CVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Co...

7.2CVSS8.9AI score0.9191EPSS

Exploits2

OSV•added 2024/06/04 7:20 p.m.•0 views

CVE-2024-36604

Tenda O3V2 v1.0.0.123880 was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges...

9.8CVSS6.1AI score

Exploits0References1

NVD•added 2024/06/04 7:20 p.m.•12 views

CVE-2024-36604

9.8CVSS8.1AI score0.03809EPSS

Exploits1References1

Cvelist•added 2024/06/04 5:14 p.m.•10 views

CVE-2024-36604

8.1AI score0.03809EPSS

Exploits1References1

Positive Technologies•added 2024/06/04 12:0 a.m.•2 views

PT-2024-27092 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: The issue is related to a Blind Command Injection via the stpEn parameter in the SetStp function, allowing attackers to execute arbitrary commands with root privileges. Recommendations: For Tenda...

9.8CVSS8.2AI score0.03809EPSS

Exploits1References6

OSV•added 2024/05/14 3:38 p.m.•0 views

CVE-2024-34338

7.2CVSS6.1AI score0.01351EPSS

Exploits1References1

NVD•added 2024/05/14 3:38 p.m.•8 views

CVE-2024-34338

7.2CVSS8.2AI score0.01351EPSS

Exploits1References1

Vulnrichment•added 2024/05/09 5:51 p.m.•14 views

CVE-2024-34338

8.5AI score0.01351EPSS

Exploits1References1

Cvelist•added 2024/05/09 5:51 p.m.•21 views

CVE-2024-34338

8.4AI score0.01351EPSS

Exploits1References1

OSV•added 2023/10/03 9:15 p.m.•0 views

CVE-2023-33270

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection blind...

9.8CVSS5.8AI score0.01141EPSS

Exploits1References1

ATTACKERKB•added 2023/10/03 9:15 p.m.•0 views

CVE-2023-33271

An issue was discovered in DTS Monitoring 3.57.0. The parameter commonname within the SSL Certificate check function is vulnerable to OS command injection blind...

9.8CVSS7.3AI score0.00983EPSS

Exploits1References2

ATTACKERKB•added 2023/10/03 9:15 p.m.•0 views

CVE-2023-33270

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection blind...

9.8CVSS7.3AI score0.01141EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by