70667 matches found
EUVD-2026-33269
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49199
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49199 Predator Connect W6x: RCE via MQTT
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49199
The CVE-2026-49199 entry describes a root‑level RCE via crafted MQTT messages, enabling command injection on the target device. Connected records identify Predator Connect W6x as affected (CVE-2026-49199 CVE Record). The core issue is a vulnerability in handling MQTT payloads that allows arbitrar...
CVE-2026-49199 Predator Connect W6x: RCE via MQTT
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49196 Predator Connect W6x: Web Interface Command Injection
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
CVE-2026-49196
Predator Connect W6x firmware exposes a web-interface command injection via the Wi‑Fi device blocking feature, caused by inadequate MAC address input sanitization. This permits arbitrary shell command execution through the affected component. The CVSS details indicate network access with high imp...
CVE-2026-49196 Predator Connect W6x: Web Interface Command Injection
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
MGASA-2026-0157 Updated perl-HTTP-Daemon package fixes a security vulnerability
The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...
Updated perl-HTTP-Daemon package fixes a security vulnerability
The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...
TRENDnet TEW-432BRP 命令注入漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the peerPin parameter in the goform/formWPS file, which allows for command execution by remote attacker...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 contains an operating system command injection vulnerability. This vulnerability...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 contains an operating system command injection vulnerability. This vulnerability...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The version 7.9.1.0 R2502171040 of the Waterfall WF-500 TX Host contains an operating system command injection vulnerability. This...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The Waterfall WF-500 has a vulnerability related to operating system command injection. This vulnerability stems from command injecti...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. The version 7.9.1.0 R2502171040 of the Waterfall WF-500 contains an operating system command injection vulnerability. This...
Waterfall WF-500 操作系统命令注入漏洞
The Waterfall WF-500 is a sending-side host component in the industrial control network unidirectional security gateway developed by the Israeli company Waterfall. Version 7.9.1.0 R2502171040 of the Waterfall WF-500 TX and RX Hosts contains an operating system command injection vulnerability. Thi...
TRENDnet TEW-432BRP 安全漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from command injection in the file/goform/formSetRoute, where parameters such as ip, mask, and gateway can be used to...
WWBN AVideo 操作系统命令注入漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained an operating system command injection vulnerability. This vulnerability stemmed from the execAsync command in the YPTSocket notification branch, which constructed...
Dokploy 操作系统命令注入漏洞
Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy 0.28.8 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from authenticated OS command injections at the WebSocket endpoints, allowing any member of an...