Lucene search
K

146680 matches found

CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Edimax BR-6675nD 命令注入漏洞

Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in Edimax BR-6675nD version 1.12, which originates from the operation of the function stainfo on the parameter interface in the file /goform/stainfo, which could lead to...

6.5CVSS6.6AI score0.01158EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.17 views

PT-2026-43041

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS6.8AI score0.01385EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.6 views

miniclawd 命令注入漏洞

miniclawd is a lightweight personal AI assistant with multi-LLM and multi-channel support by Ziwen Personal Developer. A command injection vulnerability exists in miniclawd, which stems from the parameter requires.bins operation of file /src/application/skills-loader.ts in the component...

7.5CVSS7.1AI score0.01385EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setL2tpServerCfg on the parameter enable in the Web Management...

10CVSS7.3AI score0.02005EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.16 views

PT-2026-43039

A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...

7.5CVSS6.7AI score0.01385EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

Gallagher Command Centre Service 安全漏洞

Gallagher Command Center Service is a security management platform service component of Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre Service that stems from the insertion of sensitive information into log files, which could lead to the disclosure of service...

8.1CVSS5.8AI score0.00132EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.17 views

PT-2026-43142

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. A remote attacker can manipulate the webWlanIdx argument within the setWebWlanIdx function of the '/cgi-bin/cstecgi.cgi'...

6.5CVSS6.9AI score0.01057EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

miniclawd 操作系统命令注入漏洞

miniclawd is a lightweight personal AI assistant with multi-LLM and multi-channel support by Ziwen Personal Developer. miniclawd suffers from an OS command injection vulnerability that originates from the parameter manipulation of the function ExecTool.execute in the file /src/tools/exec.ts, whic...

7.5CVSS7AI score0.01385EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.16 views

PT-2026-43016

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS6.2AI score0.01364EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China-based TOTOLINK Electronics TOTOLINK. The TOTOLINK CA750-PoE version 6.2c.510 suffers from an operating system command injection vulnerability, which originates from the Setting Handler component's setNetworkDiag function in the...

6.5CVSS6.6AI score0.01803EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.10 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in the Totolink A8000RU version 7.1cu.643b20200521, which originates from the function /cgi-bin/cstecgi.cgi in the file /cgi-bin/cstecgi.cgi in the componen...

10CVSS7.3AI score0.01909EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.12 views

PT-2026-43098

A security flaw has been discovered in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

10CVSS7AI score0.01909EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.11 views

PT-2026-43157

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description An OS command injection issue exists in the Setting Handler component. The setNetworkDiag function within the '/cgi-bin/cstecgi.cgi' endpoint fails to properly sanitize several arguments, allowin...

6.5CVSS6.8AI score0.01803EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43099

A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be perform...

10CVSS7AI score0.01909EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.7 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setWiFiWpsCfg in the file /cgi-bin/cstecgi.cgi of the Web...

10CVSS7.3AI score0.01732EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.13 views

PT-2026-43046

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possibl...

10CVSS7AI score0.02094EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.9 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China-based TOTOLINK Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK CA750-PoE version 6.2c.510, which originates from an OS command injection in the Setting Handler component of the setPasswordCfg...

6.5CVSS6.6AI score0.01057EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.15 views

PT-2026-43010

A security flaw has been discovered in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The...

10CVSS7AI score0.01732EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.11 views

PT-2026-43047

A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed...

10CVSS7.1AI score0.02094EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43019

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack...

6.5CVSS6.5AI score0.01364EPSS
Exploits0References4
Rows per page
Query Builder