146654 matches found
CVE-2026-9408
Totolink A8000RU Web Management ( CGI: /cgi-bin/cstecgi.cgi ) is affected by CVE-2026-9408. The vulnerability centers on the setStaticDhcpRules function where manipulating the enable argument leads to OS command injection. Impact is described as remote exploitation with high severity (scores in C...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the parameter of the function UploadOpenVpnCert in the file /cgi-bin/cstecgi.cgi in the component We...
Edimax EW-7438RPn 操作系统命令注入漏洞
The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. An OS command injection vulnerability exists in the Edimax EW-7438RPn version 1.31, which stems from the manipulation of the parameters of the function formWlanMP in the file /goform/formWlanMP by the Content-Typ...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the function setParentalRules in the Web Management Interface component file /cgi-bin/cstecgi.c...
PT-2026-42979
A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
PT-2026-43042
A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...
PT-2026-43151
Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description A security flaw in the Setting Handler component allows for remote OS command injection. This occurs through the manipulation of the admuser and admpass arguments within the setPasswordCfg functi...
NEC Aterm 安全漏洞
NEC Aterm is a series of wireless routers from Nippon Electric NEC. A security vulnerability exists in NEC Aterm that stems from an OS command injection issue, which could allow execution of arbitrary OS commands over an adjacent network if a malicious third party gains administrator access to th...
Taier 操作系统命令注入漏洞
Taier is a distributed scheduling system open-sourced by Kangaroo Cloud DTStack. It is designed to reduce the cost of ETL, clarify complex dependencies between tasks, and reduce labor costs for submission, scheduling, and operations. Taier version 1.4.0 suffers from an OS command injection...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setAccessDeviceCfg on the parameter mac in the Web Management...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setQosCfg on the parameter enable in the file /cgi-bin/cstecgi.cg...
PT-2026-43027
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...
Edimax BR-6675nD 命令注入漏洞
The Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in the Edimax BR-6675nD version 1.12, which originates from the POST Request Handler component's manipulation of the parameter command in the file /goform/mp, which...
PT-2026-43002
A weakness has been identified in Edimax EW-7438RPn 1.31. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component Content-Type Handler. Executing a manipulation of the argument...
Linux Distros Unpatched Vulnerability : CVE-2026-39828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially droppin...
Fedora 42 : evince (2026-49dc95b509)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49dc95b509 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Debian dla-4597 : atril - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4597 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4597-1 [email protected] https://www.debian.org/lts/security/...
Debian dla-4596 : evince - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4596 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4596-1 [email protected] https://www.debian.org/lts/security/...
Edimax BR-6675nD 命令注入漏洞
Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in Edimax BR-6675nD version 1.12, which originates from the operation of the function stainfo on the parameter interface in the file /goform/stainfo, which could lead to...
PT-2026-43041
A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...