CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

155 matches found

Positive Technologies•added 2023/05/05 12:0 a.m.•2 views

PT-2023-6552 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R versions V9.1.0u.6118 B20201102 through V9.1.0u.6369 B20230113 Description: The issue concerns a command insertion vulnerability in the setting/setTracerouteCfg component of the TOTOLINK X5000R router's firmware. This...

10CVSS9.7AI score0.92398EPSS

Exploits4References8

CNNVD•added 2023/04/25 12:0 a.m.•1 views

Aigital Wireless-N Repeater Mini_Router 安全漏洞

Aigital Wireless-N Repeater Mini-Router is a wireless router repeater from Aigital. A security vulnerability exists in Aigital Wireless-N Repeater MiniRouter version v0.131229, which stems from the discovery of a Remote Code Execution RCE vulnerability via the sysCmd parameter in the formSysCmd...

9.8CVSS9.3AI score0.14649EPSS

Exploits1References4

Vulnrichment•added 2023/04/15 12:0 a.m.•6 views

CVE-2022-45030

A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= this may interact with secure-file-priv...

7.9AI score0.00227EPSS

Exploits4References2

CNNVD•added 2023/02/23 12:0 a.m.•1 views

Korenix Technology Korenix JetWave 命令注入漏洞

Korenix Technology Korenix JetWave is a family of wireless access points from Korenix Technology. A security vulnerability exists in Korenix Technology Korenix JetWave 4200 Series version 1.3.0, JetWave 3000 Series version 1.6.0. An attacker can exploit the vulnerability to execute commands as ro...

8.8CVSS8.2AI score0.02257EPSS

Exploits1References3

Positive Technologies•added 2022/12/30 12:0 a.m.•1 views

PT-2022-26882 · Apache · Apache Kylin

Name of the Vulnerable Software and Affected Versions: Apache Kylin affected versions not specified Description: The issue arises from a fix that uses a blacklist to filter user input commands, but this approach is at risk of being bypassed. An attacker can potentially control the command by...

8.8CVSS8.6AI score0.00387EPSS

Exploits0References8

CNNVD•added 2022/11/30 12:0 a.m.•1 views

Event Registration System 代码问题漏洞

Event Registration System is an event registration system with QR codes by Carlo Montero Personal Developer. A security vulnerability exists in the Event Registration System version 1.0, which stems from an incorrect manipulation of the parameter cmd leading to unrestricted file uploads...

9.8CVSS8.1AI score0.00332EPSS

Exploits0References2

NVD•added 2022/10/06 7:15 p.m.•10 views

CVE-2022-41523

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

8.8CVSS0.00389EPSS

Exploits1References1

OSV•added 2022/10/06 7:15 p.m.•0 views

CVE-2022-41523

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

8.8CVSS5.8AI score0.00389EPSS

Exploits1References1

Prion•added 2022/10/06 7:15 p.m.•11 views

Stack overflow

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

6.5CVSS8.9AI score0.00389EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/10/06 12:0 a.m.•14 views

CVE-2022-41523

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function...

9.1AI score0.00389EPSS

Exploits1References1

CVE•added 2022/10/06 12:0 a.m.•45 views

CVE-2022-41523

Summary: CVE-2022-41523 affects TOTOLINK NR1800X (version 9.1.0u.6279_B20210910). An authenticated stack overflow in the setTracerouteCfg function via the command parameter could crash the app or allow arbitrary code execution within the application context. The NVD entry assigns a high impact (C...

8.8CVSS8.9AI score0.00389EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2022/09/13 12:0 a.m.•1 views

PT-2022-25010 · Nokia · Nokia 1350 Oms

Name of the Vulnerable Software and Affected Versions: NOKIA 1350 OMS version R14.2 Description: The issue is related to multiple OS Command Injection vulnerabilities. These vulnerabilities allow unauthenticated users to execute commands on the operating system. The vulnerabilities occur via...

9.8CVSS9.9AI score0.13489EPSS

Exploits0References3

NVD•added 2022/08/25 3:15 p.m.•8 views

CVE-2022-37080

TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the command parameter at setting/setTracerouteCfg...

7.8CVSS0.00071EPSS

Exploits1References1