45043 matches found
D-Link DIR-823X 安全漏洞
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command execution vulnerability that can be exploited by an attacker to cause code execution due to the setcassword settings interface not filtering special characters in the httpcasswd parameter...
PT-2025-39770
CVE-2025-60029 - Intel NUC Router Unauthenticated Remote Command Execution CVE ID : CVE-2025-60029 Published : Sept. 26, 2025, 3:15 a.m. | 4 hours, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,...
SonarQube 操作系统命令注入漏洞
SonarQube is a code inspection tool from Sonar Open Source. An operating system command injection vulnerability exists in SonarQube versions 4.0.0 through prior to 6.0.0, which stems from a failure to properly validate user input on the Windows runner and could lead to arbitrary command execution...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
CVE-2025-11005
The CVE-2025-11005 issue affects TOTOLINK X6000R, where OS Command Injection arises from improper neutralization of special elements in user input. Affected versions: X6000R up to and including V9.4.0cu.1458_B20250708. Root cause: failure to properly filter special elements allows an attacker to ...
CVE-2025-59817
This vulnerability allows attackers to execute arbitrary commands on the underlying system. Because the web portal runs with root privileges, successful exploitation grants full control over the device, potentially compromising its availability, confidentiality, and integrity...
CVE-2025-59815
This vulnerability allows malicious actors to execute arbitrary commands on the underlying system of the Zenitel ICX500 and ICX510 Gateway, granting shell access. Exploitation can compromise the device’s availability, confidentiality, and integrity...
CVE-2025-40836
Ericsson Indoor Connect 8855 contains an improper input validation vulnerability which if exploited can allow an attacker to execute commands with escalated privileges...
CVE-2025-59831 `git-comiters` Command Injection vulnerability
git-commiters is a Node.js function module providing committers stats for their git repository. Prior to version 0.1.2, there is a command injection vulnerability in git-commiters. This vulnerability manifests with the library's primary exported API: gitCommitersoptions, callback which allows...
spamassassin: Fix of 2 CVEs
CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing...
CLSA-2025-1758796775 spamassassin: Fix of 2 CVEs
CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing...
CVE-2025-59545
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, the Prompt module allows execution of commands that can return raw HTML. Malicious input, even if sanitized for display elsewhere, can be executed when processed...
PT-2025-39447
Name of the Vulnerable Software and Affected Versions Affected versions not specified Description This issue allows attackers to execute arbitrary commands on the underlying system. Successful exploitation grants full control over the device due to the web portal running with root privileges,...
Zenitel ICX500和Zenitel ICX510 安全漏洞
Zenitel ICX500 and Zenitel ICX510 are both communication and control platforms from Zenitel Norway. A security vulnerability exists in the Zenitel ICX500 and Zenitel ICX510 that originates from an attacker being able to execute arbitrary commands that could result in full control of the device...
PT-2025-39445
Name of the Vulnerable Software and Affected Versions Zenitel ICX500 and ICX510 Gateway affected versions not specified Description This issue allows attackers to execute arbitrary commands on the underlying system, potentially gaining shell access. Successful exploitation can compromise the...
Zenitel ICX500和Zenitel ICX510 安全漏洞
Zenitel ICX500 and Zenitel ICX510 are both communication and control platforms from Zenitel Norway. A security vulnerability exists in the Zenitel ICX500 and Zenitel ICX510 that originates from a malicious actor that can execute arbitrary commands, potentially compromising device availability,...
D-Link DIR-823X Command Injection Vulnerability (CNVD-2025-23469)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command injection vulnerability due to a flaw in the /usr/sbin/goahead file. An attacker can exploit this vulnerability to execute arbitrary commands on the system...
SAMSUNG Retail Mode 安全漏洞
SAMSUNG Retail Mode is a demo mode application from Samsung South Korea. A security vulnerability exists in SAMSUNG Retail Mode versions prior to 5.59.4, which stems from improper input validation and could allow an attacker to execute privileged commands on an owned device...
Exploit for Origin Validation Error in Edex-Ui_Project Edex-Ui
CVE-2023-30856 Security Patch for eDEX-UI ⚠️ Critical Secu...
CVE-2025-20338
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...