Lucene search
K

146654 matches found

CVE
CVE
added 2026/05/25 12:0 a.m.17 views

CVE-2026-9408

Totolink A8000RU Web Management ( CGI: /cgi-bin/cstecgi.cgi ) is affected by CVE-2026-9408. The vulnerability centers on the setStaticDhcpRules function where manipulating the enable argument leads to OS command injection. Impact is described as remote exploitation with high severity (scores in C...

10CVSS7AI score0.01732EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.6 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the parameter of the function UploadOpenVpnCert in the file /cgi-bin/cstecgi.cgi in the component We...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.7 views

Edimax EW-7438RPn 操作系统命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. An OS command injection vulnerability exists in the Edimax EW-7438RPn version 1.31, which stems from the manipulation of the parameters of the function formWlanMP in the file /goform/formWlanMP by the Content-Typ...

6.5CVSS6.5AI score0.01158EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.7 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the function setParentalRules in the Web Management Interface component file /cgi-bin/cstecgi.c...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.15 views

PT-2026-42979

A vulnerability was detected in Totolink A8000RU 7.1cu.643 b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS7AI score0.01732EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43042

A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.13 views

PT-2026-43151

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description A security flaw in the Setting Handler component allows for remote OS command injection. This occurs through the manipulation of the admuser and admpass arguments within the setPasswordCfg functi...

6.5CVSS6.6AI score0.01057EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

NEC Aterm 安全漏洞

NEC Aterm is a series of wireless routers from Nippon Electric NEC. A security vulnerability exists in NEC Aterm that stems from an OS command injection issue, which could allow execution of arbitrary OS commands over an adjacent network if a malicious third party gains administrator access to th...

8.5CVSS6AI score0.00722EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.6 views

Taier 操作系统命令注入漏洞

Taier is a distributed scheduling system open-sourced by Kangaroo Cloud DTStack. It is designed to reduce the cost of ETL, clarify complex dependencies between tasks, and reduce labor costs for submission, scheduling, and operations. Taier version 1.4.0 suffers from an OS command injection...

6.5CVSS6.6AI score0.01364EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setAccessDeviceCfg on the parameter mac in the Web Management...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.8 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setQosCfg on the parameter enable in the file /cgi-bin/cstecgi.cg...

10CVSS7.3AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43027

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...

6.5CVSS6.4AI score0.0135EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.7 views

Edimax BR-6675nD 命令注入漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in the Edimax BR-6675nD version 1.12, which originates from the POST Request Handler component's manipulation of the parameter command in the file /goform/mp, which...

5.8CVSS5.8AI score0.02077EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43002

A weakness has been identified in Edimax EW-7438RPn 1.31. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component Content-Type Handler. Executing a manipulation of the argument...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-39828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially droppin...

8.8CVSS5.9AI score0.00221EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.25 views

Fedora 42 : evince (2026-49dc95b509)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49dc95b509 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

8.4CVSS5.4AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.12 views

Debian dla-4597 : atril - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4597 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4597-1 [email protected] https://www.debian.org/lts/security/...

8.4CVSS5.3AI score0.00529EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.15 views

Debian dla-4596 : evince - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4596 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4596-1 [email protected] https://www.debian.org/lts/security/...

8.4CVSS5.3AI score0.00529EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Edimax BR-6675nD 命令注入漏洞

Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in Edimax BR-6675nD version 1.12, which originates from the operation of the function stainfo on the parameter interface in the file /goform/stainfo, which could lead to...

6.5CVSS6.6AI score0.01158EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.17 views

PT-2026-43041

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS6.8AI score0.01385EPSS
Exploits0References5
Rows per page
Query Builder