Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:36 a.m.3 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

7.2CVSS8.5AI score0.01351EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-36171

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.03809EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-34731

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.01351EPSS
Exploits1References1
OSV
OSVadded 2024/11/11 8:15 p.m.0 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

9.8CVSS6AI score0.01059EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/10/30 12:0 a.m.2 views

PT-2024-26872 · Engenius · Engenius Enstation5-Ac

Name of the Vulnerable Software and Affected Versions: EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0 Description: The issue allows blind OS command injection via shell metacharacters in the Ping and Speed Test parameters. This can potentially be exploited to execute unauthorized commands on t...

8.8CVSS7.6AI score0.00364EPSS
Exploits0References4
CNNVD
CNNVDadded 2024/10/30 12:0 a.m.1 views

EnGenius EnStation5-AC A8J-ENS500AC 安全漏洞

The EnGenius EnStation5-AC A8J-ENS500AC is a wireless access point from EnGenius. A security vulnerability exists in the EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0, which originates from allowing blind injection of operating system commands via shell metacharacters in the parameters Ping a...

8.8CVSS7.3AI score0.00364EPSS
Exploits0References1
Packet Storm
Packet Stormadded 2024/10/14 12:0 a.m.350 views

TOTOLINK 9.x Command Injection

============================================================================================================================================= | Title : TOTOLINK 9.x Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.2 64 bits | |...

7.4AI score
Exploits0
OSV
OSVadded 2024/06/04 7:20 p.m.0 views

CVE-2024-36604

Tenda O3V2 v1.0.0.123880 was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges...

9.8CVSS6.1AI score
Exploits0References1
NVD
NVDadded 2024/06/04 7:20 p.m.12 views

CVE-2024-36604

Tenda O3V2 v1.0.0.123880 was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges...

9.8CVSS8.1AI score0.03809EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/06/04 5:14 p.m.10 views

CVE-2024-36604

Tenda O3V2 v1.0.0.123880 was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges...

8.1AI score0.03809EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/06/04 12:0 a.m.2 views

PT-2024-27092 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: The issue is related to a Blind Command Injection via the stpEn parameter in the SetStp function, allowing attackers to execute arbitrary commands with root privileges. Recommendations: For Tenda...

9.8CVSS8.2AI score0.03809EPSS
Exploits1References6
OSV
OSVadded 2024/05/14 3:38 p.m.0 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

7.2CVSS6.1AI score0.01351EPSS
Exploits1References1
NVD
NVDadded 2024/05/14 3:38 p.m.8 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

7.2CVSS8.2AI score0.01351EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2024/05/09 5:51 p.m.14 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

8.5AI score0.01351EPSS
Exploits1References1
Cvelist
Cvelistadded 2024/05/09 5:51 p.m.21 views

CVE-2024-34338

Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerabili...

8.4AI score0.01351EPSS
Exploits1References1
OSV
OSVadded 2023/10/03 9:15 p.m.0 views

CVE-2023-33270

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection blind...

9.8CVSS5.8AI score0.01141EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2023/10/03 9:15 p.m.0 views

CVE-2023-33271

An issue was discovered in DTS Monitoring 3.57.0. The parameter commonname within the SSL Certificate check function is vulnerable to OS command injection blind...

9.8CVSS7.3AI score0.00983EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2023/10/03 9:15 p.m.0 views

CVE-2023-33270

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection blind...

9.8CVSS7.3AI score0.01141EPSS
Exploits1References2
exploitpack
exploitpackadded 2019/11/28 12:0 a.m.34 views

Mersive Solstice 2.8.0 - Remote Code Execution

Mersive Solstice 2.8.0 - Remote Code Execution Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link:...

9CVSS9.2AI score0.25432EPSS
Exploits5
Packet Storm
Packet Stormadded 2019/11/28 12:0 a.m.228 views

Mersive Solstice 2.8.0 Remote Code Execution

Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link: http://www.mersive.com/Support/Releases/SolsticeServer/SGE/Android/2.8.0/Solstice.apk Versions: 2.8.0 Tested On...

8.9AI score0.25432EPSS
Exploits5
Rows per page
Query Builder