43053 matches found
EUVD-2026-25263
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi...
EUVD-2026-25246
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunMaxAlive parameter to /cgi-bin/cstecgi.cgi...
EUVD-2026-25261
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the user parameter to /cgi-bin/cstecgi.cgi...
EUVD-2026-25260
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi...
EUVD-2026-25245
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi...
EUVD-2026-25241
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31178
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunMaxAlive parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31181
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunServerAddr parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31171
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31176
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunuser parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31175
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31174
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31159
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31160
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31165
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi...
MAL-2026-3021 Malicious code in lightspark-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d15821a0ef5e30ecb40a14a3e49568a342a372835b2f8b6dbf868217547bcce6 The package lightspark-js was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in lightspark-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d15821a0ef5e30ecb40a14a3e49568a342a372835b2f8b6dbf868217547bcce6 The package lightspark-js was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in microsoft-employee-experience (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c34bc4b2b8497b2f155f93295b0fe4b78eb94e7830684929547465d0b66b7a7 The package microsoft-employee-experience was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3016 Malicious code in amazon-q-developer-streaming-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2612d348229614bb857a8f2c30c1ad2d66954d7a05073f15319f8aca2fb1a86d The package amazon-q-developer-streaming-client was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in eth-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 843cae77c9aaf84bef1b7d5e46e27795d5203d2959a39b2797f0e1248b4995c7 The package eth-logger was found to contain malicious code. Source: ossf-package-analysis...