PT-2026-5771

Name of the Vulnerable Software and Affected Versions ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1 ASUSTOR ADM versions 5.0.0 through 5.1.1.RCI1 Description An improper input parameters validation issue exists in a specific CGI program when a particular function is enabled during Active Director...

PT-2025-19322

Name of the Vulnerable Software and Affected Versions Synology Router Manager SRM affected versions not specified FileStation affected versions not specified Description A security issue exists in Synology Router Manager SRM related to insufficient protection of service data. Remote attackers may...

WAVLINK AC3000 命令注入漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the firewall.cgi iptablesWebsFilterRun function failing to correctly filter constructor command special characters, commands,...

ZyXEL LTE4506-M606 访问控制错误漏洞

The ZyXEL LTE4506-M606 is a router from China ZyXEL. It provides network connectivity. A security vulnerability exists in the ZyXEL LTE4506-M606 V1.00ABDO.2C0, which originates from a Web CGI script that does not require authentication, and can be exploited by an attacker to use all features...

RiSearch show.pl Open Proxy Relay

The remote host seems to be running RiSearch, a local search engine. There is a flaw in the CGI 'show.pl' which is bundled with this software that could allow an attacker to use the remote host as an open proxy by doing a request like :...

smb2www Unspecified Arbitrary Remote Command Execution

The remote host is running smb2www - a SMB to WWW gateway. There is a flaw in the version of this CGI which allows anyone to execute arbitrary commands on this host by sending a malformed argument to smbshr.pl, one of the components of this solution. %NASLMINLEVEL 70300 C Tenable Network Security...

Technote main.cgi filename Parameter Traversal Arbitrary File Access

The technote CGI board is installed. This board has a well known security flaw in the CGI main.cgi that lets an attacker read arbitrary files with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

NSFOCUS SA2000-09 : AHG EZshopper Loadpage.cgi File List Disclosure Vulnerability

NSFOCUS Security AdvisorySA2000-09 Topic: AHG EZshopper Loadpage.cgi File List Disclosure Vulnerability Release DateЈє Dec 13rd, 2000 CVE Candidate Numbers: CAN-2000-1092 Affected system: ================ Alex Heiphetz Group EZshopper v.3.0 for Unix Alex Heiphetz Group EZshopper v.2.0 for Unix...

sambar-http.txt

Sambar Server search CGI vulnerability + Advisory by dethy www.synnergy.net |==============================================| Advisory 13 Vulnerable: Sambar Server 4.4 Beta 3 Systems : WinNT, Win95 OSR2, possibly Linux affected Product : http://www.sambar.com Discovery : [email protected]...