Lucene search
K

44991 matches found

Cvelist
Cvelist
added 2025/12/11 11:29 a.m.27 views

CVE-2025-64993 Command Injection in 1E-ConfigMgrConsoleExtensions Instructions

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

6.8CVSS0.00758EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 11:28 a.m.5 views

EUVD-2025-202672

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior V25. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remo...

6.8CVSS7.4AI score0.00758EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/11 11:28 a.m.3 views

EUVD-2025-202673

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

6.8CVSS7.4AI score0.00758EPSS
Exploits0References2
CVE
CVE
added 2025/12/11 11:28 a.m.15 views

CVE-2025-64991

CVE-2025-64991 describes a command injection vulnerability in TeamViewer DEX (formerly 1E DEX). The issue occurs in the 1E-PatchInsights-Deploy instruction before V15 due to improper input validation, enabling authenticated attackers with Actioner privileges to inject arbitrary commands and poten...

7.2CVSS7.6AI score0.00758EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/11 11:27 a.m.28 views

CVE-2025-64990 Command Injection in 1E-Explorer-TachyonCore-LogoffUser Instruction

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...

6.8CVSS0.00719EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/11 11:27 a.m.3 views

EUVD-2025-202675

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands...

7.2CVSS7.4AI score0.0098EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/11 11:26 a.m.4 views

CVE-2025-64988 Command Injection in 1E-Nomad-GetCmContentLocations Instruction

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

7.2CVSS7.6AI score0.01035EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/11 3:40 a.m.246 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell Metasploit Module CVE-2025-55182 BETA A robus...

10CVSS7.5AI score0.99562EPSS
Exploits372
EUVD
EUVD
added 2025/12/11 12:30 a.m.5 views

EUVD-2024-55318

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...

8.6CVSS7.7AI score0.00809EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/11 12:30 a.m.3 views

EUVD-2025-202606

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS6.9AI score0.00843EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/11 12:30 a.m.6 views

EUVD-2024-55316

Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables...

8.6CVSS7.8AI score0.00858EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.27 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS7.2AI score0.00843EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.5 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China's Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR that stems from improper handling of a specially crafted POST request for submitwifi in the file /usr/lib/lua/luci/controller/admin/commonquickconfig.lua, which could lead t...

8.8CVSS6.9AI score0.0203EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.5 views

Ruijie M18 安全漏洞

Ruijie M18 is a WiFi router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie M18 EW3.01B11P226M1810223116 version, which originates from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devconfig/configretain.lua, which could le...

8.8CVSS6.9AI score0.02244EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Pretty Mail by FriendsOfFlarum 安全漏洞

Pretty Mail by FriendsOfFlarum is an open source tool from Friends of Flarum that allows you to make custom html templates for emails. A security vulnerability exists in Pretty Mail by FriendsOfFlarum version 1.1.2, which stems from a server-side template injection in an email template that could...

8.6CVSS6.9AI score0.0053EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Ruijie RG-BCR 安全漏洞

Ruijie RG-BCR is a series of cloud routers from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-BCR RG-BCR860 version, which stems from improper handling of a specially crafted POST request for networksetwanconf in the file /usr/lib/lua/luci/controller/admin/netport.lua, whi...

8.8CVSS6.9AI score0.02666EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Ruijie RG-EW1800GX 安全漏洞

Ruijie RG-EW1800GX is a wireless router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-EW1800GX version B11P226EW1800GX10223121, which stems from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua, which...

8.8CVSS6.9AI score0.02486EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.2 views

Ruijie X30 PRO 安全漏洞

Ruijie X30 PRO is a home wireless router from China's Ruijie Ruijie. A security vulnerability exists in the Ruijie X30 PRO that stems from improper handling of a specially crafted POST request for pwdmodify in the file /usr/lib/lua/luci/modules/common.lua, which could result in the execution of...

8.8CVSS6.9AI score0.02324EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Ruijie RG-YST 安全漏洞

Ruijie RG-YST is a series of wireless bridges from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-YST YSTAP3.01B11P280YST250F V1.xxV2.xx version, which originates from mishandling of a specially crafted POST request for pwdmodify in the file...

8.8CVSS6.9AI score0.01451EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Ruijie RG-EW1800GX PRO 安全漏洞

Ruijie RG-EW1800GX PRO is a wireless router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 version, which originates from a specially crafted POST request to moduleget in file /usr/local/lua/devsta/networkConnect.lua. Improper...

8.8CVSS6.9AI score0.02308EPSS
Exploits1References3
Rows per page
Query Builder