CVE-2021-4474

CVE-2021-4474 concerns Ruckus Access Point devices where the CLI contains an arbitrary file read vulnerability. The issue allows authenticated remote attackers with administrative privileges to read arbitrary files from the device’s underlying filesystem, exposing sensitive information such as co...

CVE-2021-4474 Ruckus AP CLI Arbitrary File Read Allows Authenticated Remote File Access

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive...

CVE-2021-4474

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line interface that allows authenticated remote attackers with administrative privileges to read arbitrary files from the underlying filesystem. Attackers can exploit this vulnerability to access sensitive...

CVE-2025-48418

A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7,...

CVE-2026-22320

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVE-2026-23816

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

vulnx 2.0.0

vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...

Ruckus Wireless多款产品 安全漏洞

Ruckus Wireless SmartZone is a high-performance WLAN controller from Ruckus Technologies. Several products of Ruckus Wireless have security vulnerabilities. These vulnerabilities stem from arbitrary file reading vulnerabilities in the command-line interface, which could allow authenticated remote...

@grackle-ai/cli (>=0.0.2 <=0.138.1) potentially affected by unknown CVE via @grackle-ai/server (>=0.0.2 <=0.70.4)

@grackle-ai/server NPM version =0.0.2, =0.0.2, =0.138.1 Source cves: unknown CVE Source advisory: SNYK:JS-GRACKLEAISERVER-15840038...

@grackle-ai/cli (>=0.0.2 <=0.138.1) potentially affected by unknown CVE via @grackle-ai/server (>=0.0.2 <=0.70.0)

@grackle-ai/server NPM version =0.0.2, =0.0.2, =0.138.1 Source cves: unknown CVE Source advisory: SNYK:JS-GRACKLEAISERVER-15840033...

NightOwl

NightOwl Advanced Penetration Testing Framework A modula...

CVE-2026-20110

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...

Nats-Server 安全漏洞

Nats-Server is a high-performance server developed by Nats Open Source, used for native message delivery systems on Nats.io, cloud, and edge environments. There were security vulnerabilities in versions of NATS-Server prior to 2.11.15 and 2.12.6. These vulnerabilities stemmed from credentials...

Reconx

🔍 reconx - Modular Penetration Testing Framework !Python 3...

CVE-2025-15518

Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...

CVE-2026-3587

An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device...

ROS-20260320-73-0002

A vulnerability in the command line interface of the SQLite database management system is associated with errors in the implementation of the azAllowedFunctions protection mechanism. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to prohibited user functions...

Jenkins has a DNS rebinding vulnerability in WebSocket CLI origin validation

Jenkins 2.442 through 2.554 both inclusive, LTS 2.426.3 through LTS 2.541.2 both inclusive performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable t...

EUVD-2026-12789

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...

CVE-2026-22320

A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...