
22 matches found

NVD
added 2026/01/08 4:15 p.m., 2 views

CVE-2025-67090

The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 is vulnerable. Fix available in version 4.8.2. GL.Inet AX1800 Version 4.6.4 & 4.6.8 lacks rate limiting or account lockout mechanisms on the authentication endpoint /cgi-bin/luci. An unauthenticated attacker on the local netwo...

CVSS 5.1, EPSS 0.00199
Exploits: 1, References: 3
Cvelist
added 2026/01/08 12:00 a.m., 18 views

CVE-2025-67090

The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 is vulnerable. Fix available in version 4.8.2. GL.Inet AX1800 Version 4.6.4 & 4.6.8 lacks rate limiting or account lockout mechanisms on the authentication endpoint /cgi-bin/luci. An unauthenticated attacker on the local netwo...

EPSS 0.00199
Exploits: 1, References: 3
RedhatCVE
added 2025/09/29 10:56 a.m., 4 views

CVE-2025-11073

A vulnerability was detected in Keyfactor RG-EW5100BE EW3.0B11P280EW5100BE-PRO12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Request Handler. The manipulation of the argument url results in command injection. The attack can be...

CVSS 5.8, AI score 6.9, EPSS 0.00146
Exploits: 0, References: 1
Positive Technologies
added 2025/09/27 12:00 a.m., 2 views

PT-2025-39737

Name of the Vulnerable Software and Affected Versions: Keyfactor RG-EW5100BE EW 3.0B11P280 EW5100BE-PRO 12183019. Description: A flaw exists in Keyfactor RG-EW5100BE EW 3.0B11P280 EW5100BE-PRO 12183019. The issue is related to command injection stemming from the manipulation of the url argument with...

CVSS 5.8, AI score 4.9, EPSS 0.00146
Exploits: 0, References: 10
CNNVD
added 2024/01/18 12:00 a.m., 1 view

EBYTE E880-IR01 Security Vulnerability

EBYTE E880-IR01 is a 4G wireless router from EBYTE, China. A security vulnerability exists in EBYTE E880-IR01 version V1.1. An attacker can exploit this vulnerability to obtain sensitive information via a specially crafted /cgi-bin/luci POST request...

CVSS 7.5, AI score 6.4, EPSS 0.00043
Exploits: 1, References: 2
CNNVD
added 2023/07/31 12:00 a.m., 1 view

Ruijie Networks Product Code Injection Vulnerability

Ruijie Networks Product is a series of Ruijie wireless products from China-based Ruijie Networks. A security vulnerability exists in the Ruijie Networks Product that originates from an API privilege that allows a remote attacker to escalate via a POST request to /cgi-bin/luci/ and affects the...

CVSS 9.8, AI score 8.4, EPSS 0.11093
Exploits: 0, References: 2
Prion
added 2023/07/17 3:15 p.m., 9 views

Cross site scripting

Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter...

CVSS 5.8, AI score 6, EPSS 0.00176
Exploits: 2, References: 2, Affected Software: 1
OSV
added 2022/05/04 1:15 a.m., 1 view

CVE-2021-43159

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW3.01B11P55 via the setSessionTime function in /cgi-bin/luci/api/common...

CVSS 8.8, AI score 7.4
Exploits: 0, References: 2
CNNVD
added 2021/12/09 12:00 a.m., 1 view

Gryphon Tower Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Gryphon Tower, a wireless router from Gryphon. The vulnerability stems from a lack of validation and filtering of user-supplied data and output data in the url parameter of cgi-bin/luci/siteaccess/, which can be exploited to execute client-side JavaScript...

CVSS 6.1, AI score 5.2, EPSS 0.11461
Exploits: 1, References: 1
Prion
added 2021/02/01 2:15 a.m., 10 views

Design/Logic Flaw

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. A format error in /etc/shadow, coupled with a logic bug in the LuCI - OpenWrt Configuration Interface framework, allows the undocumented system account mofidev to log in to the cgi-bin/luci/quick/wizard management interfac...

CVSS 5, AI score 9.3, EPSS 0.0034
Exploits: 0, References: 2, Affected Software: 1
Prion
added 2018/07/15 3:29 a.m., 14 views

Command injection

OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data...

CVSS 10, AI score 9.7, EPSS 0.10765
Exploits: 2, References: 2, Affected Software: 4
Prion
added 2017/12/19 7:29 a.m., 19 views

Open redirect

TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/wportal command to cgi-bin/luci, related to the getdevicebyif function in /usr/lib/lua/luci/controller/admin/wportal.lua in uhttpd...

CVSS 9, AI score 8.8, EPSS 0.01277
Exploits: 1, References: 1
Cvelist
added 2017/12/19 7:00 a.m., 17 views

CVE-2017-17757

TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/wportal command to cgi-bin/luci, related to the getdevicebyif function in /usr/lib/lua/luci/controller/admin/wportal.lua in uhttpd...

AI score 9, EPSS 0.01277
Exploits: 1, References: 1
CVE
added 2017/12/19 7:00 a.m., 46 views

CVE-2017-17757

CVE-2017-17757 affects TP-Link TL-WVR and TL-WAR devices. The vulnerability exists in the uhttpd web interface (admin/wportal) via shell metacharacters in the interface field passed to cgi-bin/luci, related to get_device_byif in /usr/lib/lua/luci/controller/admin/wportal.lua, allowing remote auth...

CVSS 9, AI score 8.8, EPSS 0.01277
Exploits: 1, References: 1, Affected Software: 1
CNVD
added 2017/12/19 12:00 a.m., 7 views

TP-Link TL-WVR and TL-WAR Arbitrary Command Execution Vulnerability

TP-Link TL-WVR and TL-WAR are both wireless router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link TL-WVR and TL-WAR. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by sending the admin/wportal command with shell metacharacter...

CVSS 9, AI score 7.8, EPSS 0.01277
Exploits: 1, References: 1
CNVD
added 2017/11/29 12:00 a.m., 1 view

Command Injection Vulnerability in Multiple TP-Link Products (CNVD-2017-37955)

TP-Link TL-WVR and others are wireless router products from China P&L TP-LINK. A command injection vulnerability exists in multiple TP-Link products. The vulnerability can be exploited to execute arbitrary commands by sending the admin/interface command with shell metacharacters in the tbindif...

CVSS 9, AI score 8.4, EPSS 0.00864
Exploits: 0, References: 1
CNVD
added 2017/11/29 12:00 a.m., 6 views

Command Injection Vulnerability in Multiple TP-Link Products

TP-Link TL-WVR and others are wireless router products from China P&L TP-LINK. A command injection vulnerability exists in multiple TP-Link products. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by sending an admin/diagnostic command with shell...

CVSS 9, AI score 8.4, EPSS 0.02893
Exploits: 2, References: 1
CNVD
added 2017/11/29 12:00 a.m., 2 views

Command Injection Vulnerability in Multiple TP-Link Products (CNVD-2017-37953)

TP-Link TL-WVR and others are wireless router products from China P&L TP-LINK. A command injection vulnerability exists in multiple TP-Link products. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by sending the admin/bridge command with shell metacharacters...

CVSS 9, AI score 8.4, EPSS 0.01371
Exploits: 1, References: 1
NVD
added 2017/11/27 10:29 a.m., 10 views

CVE-2017-16957

TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zonegeteffectdevices function in...

CVSS 9, AI score 9, EPSS 0.02893
Exploits: 2, References: 2
Cvelist
added 2017/11/27 10:00 a.m., 13 views

CVE-2017-16958

TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the tbindif field of an admin/bridge command to cgi-bin/luci, related to the getdevicebyif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd...

AI score 9, EPSS 0.01371
Exploits: 1, References: 1