CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the runcmd argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•3 views

CVE-2025-32458

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getsyslogfromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•3 views

CVE-2025-32459

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the synctime argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

RedhatCVE•added 2025/06/10 9:19 p.m.•2 views

CVE-2025-32457

The Quantenna Wi-Fi chipset ships with a local control script, routercommand.sh in the getfilefromqtn argument, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7....

7.7CVSS7.8AI score0.00331EPSS

Exploits0References1

NVD•added 2025/06/08 9:15 p.m.•9 views

CVE-2025-3460

The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...

7.8CVSS0.00977EPSS

Exploits1References2

NVD•added 2025/06/08 9:15 p.m.•16 views

CVE-2025-32457

7.8CVSS0.00331EPSS

Exploits0References2

Cvelist•added 2025/06/08 9:4 p.m.•11 views

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

7.7CVSS0.00331EPSS

Exploits0References2

CVE•added 2025/06/08 9:4 p.m.•50 views

CVE-2025-32458

The CVE-2025-32458 entry affects Quantenna Wi‑Fi chipset firmware (through version 8.0.0.28 of the latest SDK). The local control script router_command.sh (in the get_syslog_from_qtn argument) is vulnerable to command injection (CWE-88). The issue is described as LOCAL, with LOW privileges, NONE ...

7.8CVSS7.9AI score0.00331EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/06/08 9:4 p.m.•3 views

CVE-2025-32458 ON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argument Injection

7.7CVSS7.9AI score0.00331EPSS

Exploits0References2

Cvelist•added 2025/06/08 9:2 p.m.•10 views

CVE-2025-3460 ON Semiconductor Quantenna set_tx_pow Argument Injection

7.7CVSS0.00977EPSS

Exploits1References2

Cvelist•added 2025/06/08 9:2 p.m.•10 views

CVE-2025-3459 ON Semiconductor Quantenna transmit_file Argument Injection

The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...

7.7CVSS0.00331EPSS

Exploits0References2

ICS•added 2024/05/14 6:0 a.m.•36 views

Johnson Controls Software House C●CURE 9000

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION : Low attack complexity Vendor : Johnson Controls Equipment : Software House C●CURE 9000 Vulnerability : Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to...

8.5CVSS4.4AI score0.0005EPSS

Exploits0References10

GithubExploit•added 2024/04/11 1:48 p.m.•415 views

Exploit for Unrestricted Upload of File with Dangerous Type in Openeclass

CVE-2024-31777 | GUnet OpenEclass E-learning platform Unrestri...

9.8CVSS10AI score0.30388EPSS

Exploits6

ICS•added 2022/06/21 12:0 a.m.•78 views

JTEKT TOYOPUC

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: JTEKT Equipment: TOYOPUC Products Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology OT...

9.8CVSS10AI score0.00341EPSS

Exploits0References4

ICS•added 2022/06/16 12:0 a.m.•31 views

Hillrom Medical Device Management

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hillrom Medical. Welch Allyn, and ELI are registered trademarks of Baxter International, Inc., or its subsidiaries. Equipment: Welch Allyn medical devices Vulnerabilities: Use of Hard-coded Password,...

7.7CVSS7.1AI score0.00085EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by