Lucene search
K

146603 matches found

CVE
CVE
added 2026/05/26 5:0 a.m.21 views

CVE-2026-9532

CVE-2026-9532 affects Totolink CA750-PoE 6.2c.510. The vulnerability lies in the Setting Handler’s file /cgi-bin/cstecgi.cgi function setUploadUserData where manipulation of the argument FileName leads to an OS command injection . The issue is reported as exploitable from remote with the exploit ...

6.5CVSS6.3AI score0.01803EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 5:0 a.m.13 views

EUVD-2026-31794

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

6.5CVSS6.3AI score0.01803EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/26 5:0 a.m.36 views

CVE-2026-9532 Totolink CA750-PoE Setting cstecgi.cgi setUploadUserData os command injection

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

6.5CVSS0.01803EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/26 4:45 a.m.40 views

CVE-2026-9531 Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.01803EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 4:45 a.m.13 views

EUVD-2026-31789

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS5.6AI score0.01803EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/26 4:45 a.m.8 views

CVE-2026-9531 Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References5
CVE
CVE
added 2026/05/26 4:45 a.m.20 views

CVE-2026-9531

CVE-2026-9531 details (Totolink CA750-PoE, firmware 6.2c.510) : The vulnerability affects the function setUpgradeUboot in the file /cgi-bin/cstecgi.cgi of the Setting Handler. Manipulating the argument FileName leads to an os command injection. The issue is exploitable remotely, and public exploi...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/26 2:4 a.m.14 views

SUSE CVE-2018-25356

SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -logfile parameters,...

8.6CVSS6.2AI score0.00162EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 1:2 a.m.13 views

Malicious code in weavedb-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3017d9faf2f1f8a8973162392159e8d185b9c676555d406da261e67cd95395e8 package.json declares "preinstall": "./src/deps.ts", but src/deps.ts is not TypeScript — its first bytes are the ELF magic \x7fELF\x02\x01\x01,...

6AI score
Exploits0References3
NVD
NVD
added 2026/05/26 12:16 a.m.12 views

CVE-2026-9515

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument pluginversion results in os command injection. The attack may be launched remotel...

6.5CVSS0.01803EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/26 12:0 a.m.39 views

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

0.01645EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of theFileName parameter in the setUploadUserDat...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from the operation of the setUnloadUserData function in the...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43438

Name of the Vulnerable Software and Affected Versions Samba affected versions not specified Description A flaw exists in the handling of certificate auto-enrollment Group Policy. When this feature is enabled, Samba may retrieve a CA certificate via an unencrypted HTTP connection and install it in...

9.8CVSS5.8AI score0.02669EPSS
Exploits0References97
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.8 views

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities. These vulnerabilities stem from the log function in the Juniper router integration plugin, which doe...

9.8CVSS5.8AI score0.01645EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43193

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate...

6.5CVSS6.5AI score0.01803EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 12:0 a.m.10 views

EUVD-2026-31843

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

6AI score0.01645EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/26 12:0 a.m.10 views

EUVD-2026-31949

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

8.1CVSS5.9AI score0.0107EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.13 views

PT-2026-43274

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.3.0 Description An OS command injection issue exists in the Juniper router integration plugin. The log function in src/juniper plugin/fastnetmon juniper.php constructs shell commands by...

9.8CVSS5.5AI score0.01645EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.10 views

PT-2026-47109

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

5.6AI score
Exploits0References7
Rows per page
Query Builder