Lucene search
+L

18 matches found

cnnvd
cnnvd
added 2026/03/16 12:0 a.m.5 views

D-Link多款产品 命令注入漏洞

D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection vulnerabilities, which stem...

9.8CVSS6.6AI score0.16779EPSS
Exploits1References14
cnvd
cnvd
added 2026/02/25 12:0 a.m.7 views

Advantech WISE-6610 OS Command Injection Vulnerability

Advantech WISE-6610 is a core gateway device from Advantech, Taiwan, China. The Advantech WISE-6610 suffers from an operating system command injection vulnerability that originates from a misuse of the parameter deletefile in the file /cgi-bin/luci/admin/openvpnapply, which can be exploited by an...

8.6CVSS7.3AI score0.17217EPSS
Exploits2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-5230

Malware in sbrugna...

8.8CVSS8.8AI score0.09116EPSS
Exploits5References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-13368

Malicious code in bioql PyPI...

6.9CVSS5.5AI score0.00548EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/05/23 10:42 a.m.6 views

CVE-2024-43027

DrayTek Vigor 3900 before v1.5.1.5Beta, DrayTek Vigor 2960 before v1.5.1.5Beta and DrayTek Vigor 300B before v1.5.1.5Beta were discovered to contain a command injection vulnerability via the action parameter at cgi-bin/mainfunction.cgi...

8CVSS8.1AI score0.01297EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/07 8:31 a.m.16 views

CVE-2025-4271

A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...

6.9CVSS5.1AI score0.00548EPSS
Exploits1References1
bdu_fstec
bdu_fstec
added 2021/12/16 12:0 a.m.7 views

The vulnerability of the cgi-bin/upload_firmware.cgi component of the D–Link DIR-823G router’s microprogramming system allows a hacker to cause a service failure.

The vulnerability of the cgi-bin/uploadfirmware.cgi component of the D–Link DIR-823G router’s microprogramming system is related to the lack of authentication. Exploiting this vulnerability can allow an attacker to cause a service failure...

9.4CVSS7.7AI score0.02381EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2020/12/18 2:27 p.m.29 views

CVE-2020-25494

Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...

9.9AI score0.39193EPSS
Exploits3References2
vulnrichment
vulnrichment
added 2020/02/01 12:36 p.m.14 views

CVE-2020-8515

DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta devices allow remote code execution as root without authentication via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1...

10AI score0.99993EPSS
Exploits7References3
osv
osv
added 2020/01/29 3:15 a.m.4 views

CVE-2019-20215

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi in /htdocs/cgibin, because HTTPST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker t...

9.8CVSS7.6AI score0.75105EPSS
Exploits6References3
cvelist
cvelist
added 2018/12/28 5:0 p.m.32 views

CVE-2018-20577

Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewallSPI.exe, cgi-bin/setupremotemgmt.exe, cgi-bin/setuppass.exe, and cgi-bin/upgradep.exe CSRF. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T...

9.2AI score0.00581EPSS
Exploits1References1
cvelist
cvelist
added 2015/08/31 6:0 p.m.19 views

CVE-2014-6616

Cross-site scripting XSS vulnerability in Softing FG-100 PROFIBUS Single Channel FG-100-PB with firmware FG-x00-PBV2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICENAME parameter to cgi-bin/CFGhttp/...

5.7AI score0.01867EPSS
Exploits2References3
ptsecurity
ptsecurity
added 2009/08/14 12:0 a.m.5 views

PT-2009-5129

Name of the Vulnerable Software and Affected Versions DD-WRT versions prior to build 12533 Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a "cgi-bin/" URI. This is due to a problem in the httpd.c in httpd in the management GUI...

8.3CVSS7.5AI score0.82504EPSS
Exploits7References18
securityvulns
securityvulns
added 2003/02/22 12:0 a.m.35 views

Apache 2.x leaked descriptors

Hello, I noticed a problem with apache 2.x back in October and contacted the apache security team with the problem. They've had about 4 months to do something with the problem but haven't seen fit to fix it yet. The last time I tried to status their progress no one replied to my query. I was...

Exploits0
cvelist
cvelist
added 2000/06/02 4:0 a.m.24 views

CVE-1999-0854

Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file...

6.8AI score0.0132EPSS
Exploits0References2
freebsd_advisory
freebsd_advisory
added 2000/03/01 12:0 a.m.7 views

FreeBSD-SA-00:06.htdig

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:06 Security Advisory FreeBSD, Inc. Topic: htdig port allows remote reading of files Category: ports Module: htdig Announced: 2000-03-01 Affects: Ports collection before...

5.8AI score
Exploits0
cvelist
cvelist
added 2000/02/04 5:0 a.m.26 views

CVE-1999-0509

Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands...

7.4AI score0.33392EPSS
Exploits0References1
exploitpack
exploitpack
added 1997/06/16 12:0 a.m.26 views

SGI IRIX 6.4 - cgi-bin handler

SGI IRIX 6.4 - cgi-bin handler source: https://www.securityfocus.com/bid/380/info A vulnerability exists in the cgi-bin program 'handler', as included by Silicon Graphics in their Irix operating system. This vulnerability will allow a remote attacker to execute arbitrary commands on the vulnerabl...

Exploits0
Rows per page
Query Builder