Lucene search
+L

276 matches found

CVE
CVE
added 2025/06/10 3:17 p.m.48 views

CVE-2025-40591

CVE-2025-40591 affects Siemens RUGGEDCOM ROX II family devices (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) with

8.3CVSS7.6AI score0.01314EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:0 p.m.76 views

CVE-2025-5763

The CVE-2025-5763 entry concerns Tenda CP3 (11.10.00.2311090948) where the function sub_F3C8C in the apollo file allows arbitrary command execution due to improper filtering. Exploitation is remote and the vulnerability is confirmed in multiple sources. Affected component: apollo -> sub_F3C8C;...

8.8CVSS5.4AI score0.04475EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.6 views

PT-2025-24101 · Tenda · Tenda Cp3

Name of the Vulnerable Software and Affected Versions: Tenda CP3 version 11.10.00.2311090948 Description: A critical issue has been found, affecting the function sub F3C8C of the file apollo, leading to command injection. The attack can be launched remotely. Recommendations: For Tenda CP3 version...

8.8CVSS5.2AI score0.04475EPSS
Exploits1References11
NVD
NVD
added 2025/06/05 9:15 p.m.16 views

CVE-2025-5695

A vulnerability has been found in Teledyne FLIR AX8 up to 1.46.16. This impacts the function subscribetospot/subscribetodelta/subscribetoalarm of the file /usr/www/application/models/subscriptions.php of the component Backend. Such manipulation leads to command injection. It is possible to launch...

5.8CVSS0.06889EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/06/05 3:26 p.m.18 views

CVE-2025-5504

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS7.5AI score0.15041EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/05 11:13 a.m.22 views

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

8.8CVSS7.5AI score0.02625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/04 1:18 p.m.16 views

CVE-2025-5445

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RPcheckFWByBBS of the file /goform/RPcheckFWByBBS. The manipulation of the argument...

9.8CVSS7.3AI score0.21289EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/04 12:12 p.m.13 views

CVE-2025-5443

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the...

9.8CVSS7.3AI score0.21289EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/04 6:0 a.m.3 views

CVE-2025-5573 D-Link DCS-932L setSystemWizard setSystemControl os command injection

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. T...

6.5CVSS7.7AI score0.10767EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/04 6:0 a.m.22 views

CVE-2025-5573 D-Link DCS-932L setSystemWizard setSystemControl os command injection

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been rated as critical. Affected by this issue is the function setSystemWizard/setSystemControl of the file /setSystemWizard. The manipulation of the argument AdminID leads to os command injection. The attack may be launched remotely. T...

6.5CVSS0.10767EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/03 8:0 p.m.26 views

CVE-2025-5525 Jrohy trojan linux.go LogChan os command injection

A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the function LogChan of the file trojan/util/linux.go. The manipulation of the argument c leads to os command injection. The attack can be initiated remotely. The complexity of an...

6.3CVSS0.02767EPSS
Exploits1References5
NVD
NVD
added 2025/06/03 11:15 a.m.11 views

CVE-2025-5492

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

8.8CVSS0.02625EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/03 10:31 a.m.6 views

CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

6.5CVSS6.9AI score0.02625EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/03 10:31 a.m.21 views

CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection

A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...

6.5CVSS0.02625EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/02 1:31 p.m.11 views

CVE-2025-5447 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 ssid1MACFilter os command injection

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. This vulnerability affects the function ssid1MACFilter of the file /goform/ssid1MACFilter. The manipulation of the...

6.5CVSS7.3AI score0.30143EPSS
Exploits1References5
NVD
NVD
added 2025/06/02 1:15 p.m.16 views

CVE-2025-5445

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. Affected by this issue is the function RPcheckFWByBBS of the file /goform/RPcheckFWByBBS. The manipulation of the argument...

9.8CVSS0.21289EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/02 11:31 a.m.21 views

CVE-2025-5443 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden os command injection

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the...

6.5CVSS0.21289EPSS
Exploits1References5
CVE
CVE
added 2025/06/02 11:31 a.m.52 views

CVE-2025-5443

CVE-2025-5443 affects Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 (versions 1.0.013.001–1.2.07.001). The vulnerable component is the wirelessAdvancedHidden function in /goform/wirelessAdvancedHidden. Malicious manipulation of ExtChSelector/24GSelector/5GSelector leads to OS command injectio...

9.8CVSS6.9AI score0.21289EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/02 11:15 a.m.16 views

CVE-2025-5441

A vulnerability classified as critical was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL...

9.8CVSS0.21482EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.6 views

PT-2025-23503 · Linksys · Linksys Re6300 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A critical issue has been found, affecting the function RP pingGatewayByBBS of the file /goform/RP pingGatewayByBBS. The...

9.8CVSS6.8AI score0.21482EPSS
Exploits1References12
Rows per page
Query Builder