Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.6 views

CVE-2021-28151

Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address aka Destination field to the tools.cgi ping command, which is accessible with the username guest and password guest...

9CVSS7.7AI score0.27912EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-53256

Malicious code in bioql PyPI...

9.8CVSS7.3AI score0.00733EPSS
Exploits0References2
Prion
Prion
added 2024/01/12 3:15 p.m.15 views

Design/Logic Flaw

Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. This is similar to the vulnerability CVE-2021-28151 mitigated on the user interface level by blacklisting characters with JavaScript, howeve...

6.5CVSS7.8AI score0.27912EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2021/05/27 12:0 a.m.6 views

Hongdian H8922 Command Injection (CVE-2021-28151; CVE-2021-28149)

A command injection vulnerability exists in Hongdian H8922. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.4AI score0.27912EPSS
Exploits2
CVE
CVE
added 2021/05/06 3:11 p.m.63 views

CVE-2021-28151

Hongdian H8922 3.0.5 devices are vulnerable to remote command injection in tools.cgi ping via shell metacharacters in the ip-address (Destination) field, accessible with guest/guest credentials. The Nuclei template and other sources confirm that an attacker can execute arbitrary commands on the d...

9CVSS9AI score0.27912EPSS
In wildExploits1References2Affected Software1
Circl
Circl
added 2021/04/29 7:23 a.m.28 views

CVE-2021-28151

creationtimestamp| type| source ---|---|--- 2021-04-29 07:23:32+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/277 2021-05-07 17:47:07+00:00| published-proof-of-concept| Telegram/FdkVDBIKpoqp16cfdJYyeV8sCKCSKU4J9zwfH0-46n3abAQ 2025-01-26 00:00:00+00:00| seen| The Shadowserver...

9CVSS7.3AI score0.27912EPSS
In wildExploits1References4
Rows per page
Query Builder