Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

145119 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/25 10:15 p.m.4 views

CVE-2026-9512

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS6.4AI score0.04841EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/05/25 10:15 p.m.15 views

CVE-2026-9512

CVE-2026-9512 affects Totolink CA750-PoE (firmware 6.2c.510) in the Setting Handler’s /cgi-bin/cstecgi.cgi, where manipulating the admuser/admpass arguments enables an os command injection in the setPasswordCfg function. The issue is remotely exploitable and, per the metrics, has an in-the-wild p...

6.5CVSS6.4AI score0.04841EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/25 10:15 p.m.4 views

CVE-2026-9512 Totolink CA750-PoE Setting cstecgi.cgi setPasswordCfg os command injection

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS6.4AI score0.04841EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/25 10:15 p.m.16 views

CVE-2026-9512 Totolink CA750-PoE Setting cstecgi.cgi setPasswordCfg os command injection

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS0.04841EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/25 10:0 p.m.4 views

CVE-2026-9511 Totolink CA750-PoE Setting cstecgi.cgi setWebWlanIdx os command injection

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.0375EPSS
Exploits0References5
CVE
CVEadded 2026/05/25 10:0 p.m.14 views

CVE-2026-9511

The CVE-2026-9511 entry concerns Totolink CA750-PoE (firmware 6.2c.510) with a vulnerability in the Setting Handler: file /cgi-bin/cstecgi.cgi, function setWebWlanIdx. Recasting the webWlanIdx parameter allows an os command injection, with remote exploitation possible. Public exploit access is in...

6.5CVSS6.4AI score0.0375EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/25 10:0 p.m.6 views

CVE-2026-9511

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.0375EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/05/25 10:0 p.m.7 views

EUVD-2026-31760

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.0375EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/25 10:0 p.m.19 views

CVE-2026-9511 Totolink CA750-PoE Setting cstecgi.cgi setWebWlanIdx os command injection

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS0.0375EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/25 8:1 p.m.10 views

Malicious code in spip-pth-demo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb61035c28fe642903fac1b2776b2593c1611831ce5553e63ef8b09a77e414c9 The package installs a suspicious-demo.pth file into site-packages via setup.py's datafiles="", "suspicious-demo.pth". Python auto-processes.pth file...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/25 6:53 p.m.7 views

Malicious code in skills-detector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844190b21455d308d6e2b5305ebe92634d80b55817290a84644a1048df0e54b3 On npm install, postinstall.js executes whoami and id via childprocess.execSync, collects os.hostname, os.platform, current working directory, and th...

5.8AI score
Exploits0References2
NVD
NVDadded 2026/05/25 6:16 p.m.7 views

CVE-2026-9478

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS0.01254EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 6:16 p.m.8 views

CVE-2026-9477

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

10CVSS0.01254EPSS
Exploits0References5
OSV
OSVadded 2026/05/25 6:12 p.m.5 views

MAL-2026-4351 Malicious code in @databus-service-ui/ui-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b82b3af71dce087a185cffa6f3691ad5a4e4c3d9e35154070ef4ad0dd4f15b10 scripts/postinstall.js performs two install-time attacks against any machine that runs npm install. 1 Credential exfiltration: it iterates process.en...

6.4AI score
Exploits0References2
Ubuntu
Ubuntuadded 2026/05/25 6:2 p.m.10 views

USN-8304-1: Vim vulnerabilities

Joshua Rogers discovered that Vim incorrectly handled certain URL schemes in the netrw plugin. An attacker could possibly use this issue to execute arbitrary commands. CVE-2026-42307 It was discovered that Vim incorrectly handled command-line completion for the :find command. An attacker could...

6.6CVSS6AI score0.0023EPSS
Exploits1
EUVD
EUVDadded 2026/05/25 5:30 p.m.10 views

EUVD-2026-31712

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS7AI score0.01254EPSS
Exploits0References5
CVE
CVEadded 2026/05/25 5:30 p.m.16 views

CVE-2026-9478

Totolink A8000RU Web Management Interface contains a vulnerability in /cgi-bin/cstecgi.cgi-setParentalRules where manipulating the enable argument can cause os command injection. Affected product: Totolink A8000RU (version 7.1cu.643_b20200521). Impact is remote with high confidentiality, integrit...

10CVSS7AI score0.01254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/25 5:30 p.m.8 views

CVE-2026-9478

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS5.5AI score0.01254EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/25 5:30 p.m.6 views

CVE-2026-9478 Totolink A8000RU Web Management cstecgi.cgi setParentalRules os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS7AI score0.01254EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/25 5:30 p.m.17 views

CVE-2026-9478 Totolink A8000RU Web Management cstecgi.cgi setParentalRules os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS0.01254EPSS
Exploits0References5
Rows per page
Query Builder