Lucene search
K

146618 matches found

CVE
CVE
added 2026/05/25 5:0 p.m.21 views

CVE-2026-9476

Totolink A8000RU Web Management (firmware 7.1cu.643_b20200521) is affected via the /cgi-bin/cstecgi.cgi function setPasswordCfg. Manipulating the admpass parameter enables remote command injection, compromising confidentiality, integrity, and availability. Publicly available exploit exists, indic...

10CVSS7.1AI score0.01909EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 4:45 p.m.24 views

CVE-2026-9475 Totolink A8000RU Web Management cstecgi.cgi setIpQosRules os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is...

10CVSS0.01909EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 4:45 p.m.14 views

CVE-2026-9475

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is...

10CVSS7AI score0.01909EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/25 4:45 p.m.21 views

CVE-2026-9475

Totolink A8000RU Web Management interface vulnerable in /cgi-bin/cstecgi.cgi (function setIpQosRules). CVE-2026-9475 affects Totolink A8000RU 7.1cu.643_b20200521; manipulating the Comment argument enables OS command injection. Remote exploitation is possible; exploit publicly disclosed. According...

10CVSS7AI score0.01909EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 4:45 p.m.15 views

EUVD-2026-31708

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is...

10CVSS7AI score0.01909EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 3:29 p.m.10 views

MAL-2026-4744 Malicious code in cch-agent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba1bd1e6bb56f0c9816ab482e2ee7cc3a8f04d9e253dd3afa67e4c71b3ae3a2 simpleagent/init.py re-exports ask and chat from simpleagent/client.py. Both entry points ignore caller-supplied configuration and route the caller's...

5.4AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 3:29 p.m.14 views

Malicious code in cch-agent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba1bd1e6bb56f0c9816ab482e2ee7cc3a8f04d9e253dd3afa67e4c71b3ae3a2 simpleagent/init.py re-exports ask and chat from simpleagent/client.py. Both entry points ignore caller-supplied configuration and route the caller's...

5.4AI score
Exploits0References4
OSV
OSV
added 2026/05/25 3:12 p.m.15 views

MAL-2026-4707 Malicious code in vue-compiler-sfc-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c320320435358c109567ef3776ced079a2196b831b583b66c87323ddf402bae9 Package name and README impersonate the official @vue/compiler-sfc package; index.js merely re-exports it. The npm postinstall hook runs...

6.1AI score
Exploits0References2
NVD
NVD
added 2026/05/25 2:16 p.m.12 views

CVE-2026-9458

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS0.02094EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 2:16 p.m.12 views

CVE-2026-9457

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible...

10CVSS0.02094EPSS
Exploits0References5
OSV
OSV
added 2026/05/25 2:15 p.m.8 views

MAL-2026-4685 Malicious code in tempo-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6790e6e83af71238b9773ae49568f5374d094d23d1a7247ef4560d645ef64024 The package contains a file poc.js that imports os, https, fs, and childprocess; collects host identifiers including os.hostname, os.platform, and th...

5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/25 1:54 p.m.13 views

CVE-2018-25356

A flaw was found in SIPp. A local attacker can exploit a buffer overflow vulnerability by providing oversized input to command-line arguments, such as -3pcc, -i, or -logfile. This can lead to arbitrary code execution or cause the application to crash, resulting in a denial of service...

8.6CVSS6.5AI score0.00162EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/25 1:53 p.m.24 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP15 IF03 Vulnerability Details CVEID:CVE-2026-28417 DESCRIPTION: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the netrw...

9.8CVSS7.4AI score0.01545EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/25 1:16 p.m.11 views

CVE-2026-9454

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS0.01909EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 1:16 p.m.20 views

CVE-2026-9453

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS0.01385EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 1:16 p.m.13 views

CVE-2026-9455

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

10CVSS0.01909EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 1:16 p.m.18 views

CVE-2026-9456

A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...

10CVSS0.01909EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 12:30 p.m.35 views

CVE-2026-9458 Totolink A8000RU Web Management cstecgi.cgi setWanCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS0.02094EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 12:30 p.m.10 views

EUVD-2026-31678

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS7.1AI score0.02094EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 12:30 p.m.9 views

CVE-2026-9458

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS7.1AI score0.02094EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder