Tenda FH1205 安全漏洞

The Tenda FH1205 is a home wireless router from China's Tenda, geared toward the average home network environment, providing wireless connectivity. The Tenda FH1205 suffers from a stack buffer overflow vulnerability that originates from the cmdinput parameter of the formexeCommand method of the...

Command Execution Vulnerability in EG2000UE of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2024-18958)

EG2000UE is a gateway product. A command execution vulnerability exists in the EG2000UE of Beijing StarNet Ruijie Network Technology Company Limited, which can be exploited by an attacker to execute arbitrary commands...

Command Execution Vulnerability in T+ (CNVD-2024-18952)

T+ is a new Internet business management software. A command execution vulnerability exists in Changjitong T+, which can be exploited by an attacker to execute arbitrary commands...

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-17841)

Electronic document security management system is an electronic document security protection software, the system utilizes the driver layer transparent encryption technology, through the encryption protection of electronic documents, to prevent internal staff leakage and external personnel to...

Command Execution Vulnerability in EG3000SE of Beijing StarNet Ruijie Network Technology Co.

EG3000SE is a new generation of high performance integrated gateway. A command execution vulnerability exists in the EG3000SE of Beijing StarNet Ruijie Network Technology Co. Ltd, which can be exploited by an attacker to gain control of the server...

Command Execution Vulnerability in the Client of KingSuperSCADA Operation System of Beijing Asian Control Technology Development Co.

Ltd. is a high-tech industrial automation and informatization software platform enterprise founded in 1997. A command execution vulnerability exists in the client side of the KingSuperSCADA operating system of Beijing Asian Control Technology Development Co...

Command Execution Vulnerability in RG-UAC 6000-E50C at Beijing StarNet Ruijie Network Technology Co.

Ruijie Networks, founded in 2003, is an industry-leading provider of network infrastructure and solutions. A command execution vulnerability exists in the RG-UAC 6000-E50C of Beijing StarNet Ruijie Network Technology Company Limited, which can be exploited by an attacker to execute arbitrary...

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co.

Electronic document security management system is an electronic document security protection software, the system utilizes the driver layer transparent encryption technology, through the encryption protection of electronic documents, to prevent internal staff leakage and external personnel to...

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices stems from the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisetong Technology Development Co., Ltd (CNVD-2024-14912)

Electronic document security management system is an electronic document security protection software, the system utilizes the driver layer transparent encryption technology, through the encryption protection of electronic documents, to prevent internal staff leakage and external personnel to...

TOTOLINK A3300R setMacFilterRules Method Command Injection Vulnerability

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the enable parameter of the setMacFilterRules method failing to correctly filter construct command...

CVE-2024-23828 Nginx-UI authenticated RCE through injecting into the application config via CRLF

Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to an authenticated arbitrary command execution via CRLF attack when changing the value of testconfigcmd or startcmd. This vulnerability exists due to an incomplete fix for CVE-2024-22197 and CVE-2024-22198. This...

Command Execution Vulnerability in Damon Database Management System

Damon Database Management System DM8 is a database system developed by Wuhan Damon Database Co. A command execution vulnerability exists in Damon Database Management System, which can be exploited by an attacker to gain server privileges...

CVE-2023-52031

TOTOlink A3700R v9.1.2u.5822B20200513 was discovered to contain a remote command execution RCE vulnerability via the UploadFirmwareFile function...

CVE-2023-52029

TOTOLINK A3700R (v9.1.2u.5822_B20200513) contains a remote command execution (RCE) in the setDiagnosisCfg function. The issue arises from improper handling/filtering of constructed command characters, enabling arbitrary command execution. Affected component: setDiagnosisCfg; impact: remote comman...

TOTOLINK EX1800T setWiFiExtenderConfig Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setWiFiExtenderConfig interface, which originates from the failure of the key5g parameter of the cstecgi .cgi's setWiFiExtenderConfig interface t...

TOTOLINK EX1800T setRptWizardCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setRptWizardCfg interface, which originates from the merge parameter of the cstecgi .cgi's setRptWizardCfg interface that fails to correctly filt...

TOTOLINK EX1800T setPasswordCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setPasswordCfg interface, which originates from the failure of the admuser parameter of the cstecgi .cgi's setPasswordCfg interface to correctly...

TOTOLINK EX1800T setNtpCfg Interface Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setNtpCfg interface. The vulnerability stems from the failure of the tz parameter of the setNtpCfg interface of cstecgi .cgi to properly filter...

TOTOLINK EX1800T lanIp Parameter Command Execution Vulnerability

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T lanIp parameter. The vulnerability stems from the failure of the lanIp parameter of the setLanConfig interface of cstecgi .cgi to properly filter...