70703 matches found
CVE-2026-9424
The vulnerability CVE-2026-9424 affects Edimax EW-7438RPn firmware 1.31, in the Content-Type Handler’s formWlanMP function (/goform/formWlanMP). It allows an attacker to manipulate a wide set of parameters (ateFunc, ateGain, ateTxCount, ateChan, ateRate, ateMacID, e2pTxPower*, ateTxFreqOffset, at...
CVE-2026-9423
A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been releas...
CVE-2026-9423 Edimax BR-6675nD POST Request mp command injection
A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been releas...
CVE-2026-9423 Edimax BR-6675nD POST Request mp command injection
A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been releas...
CVE-2026-9423
CVE-2026-9423 affects Edimax BR-6675nD firmware 1.12. The vulnerability is in the POST Request Handler’s function mp at /goform/mp, where manipulating the argument command leads to a command injection. The attack can be initiated remotely, and public exploit code has been released. The vendor was...
EUVD-2026-31627
A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been releas...
CVE-2026-8652
An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...
EUVD-2026-31620
An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...
CVE-2026-8652
An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network...
CVE-2026-8652
CVE-2026-8652 describes an OS Command Injection in the product Aterm . The issue allows an attacker who already has administrator access to the product’s web console to execute arbitrary OS commands via the adjacent network, enabling high-severity impact on confidentiality, integrity, and availab...
exploits
Exploits Exploits and proof-of-concept code from the team at...
CVE-2026-9408
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
CVE-2026-9406
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9407
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection...
CVE-2026-9405
A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation o...
CVE-2026-9408
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
EUVD-2026-31609
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
CVE-2026-9408
Totolink A8000RU Web Management ( CGI: /cgi-bin/cstecgi.cgi ) is affected by CVE-2026-9408. The vulnerability centers on the setStaticDhcpRules function where manipulating the enable argument leads to OS command injection. Impact is described as remote exploitation with high severity (scores in C...
CVE-2026-9408 Totolink A8000RU Web Management cstecgi.cgi setStaticDhcpRules os command injection
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...