Lucene search
K

32 matches found

Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30749

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313 b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS6.8AI score0.01409EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.8 views

Zyxel多款产品 操作系统命令注入漏洞

Zyxel USG FLEX, among others, are products of the Chinese company Zyxel. Zyxel USG FLEX is a firewall. Zyxel ATP is also a firewall. Zyxel USG FLEX 50W/USG20W-VPN is a series of firewalls. Several Zyxel products have vulnerabilities related to operating system command injection. These...

7.2CVSS7.6AI score0.01354EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/31 12:0 a.m.2 views

TOTOLINK A3300R setDdnsCfg function buffer overflow vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the failure of the function setDdnsCfg in the file...

9.8CVSS9.1AI score0.00753EPSS
Exploits1References1
NVD
NVD
added 2025/10/07 10:15 a.m.4 views

CVE-2025-11386

A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit...

9CVSS0.00745EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/10/07 9:27 a.m.6 views

CVE-2025-11328

A vulnerability was detected in Tenda AC18 15.03.05.196318. This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be...

9CVSS7.7AI score0.00988EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8490

Malware in sbrugna...

6.8CVSS6.4AI score0.02871EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19271

Malware in sbrugna...

5.4CVSS5.6AI score0.00676EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-10725

Malware in sbrugna...

10CVSS9.5AI score0.03882EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/07 12:0 a.m.6 views

Tenda AC15 安全漏洞

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 has a stack buffer overflow vulnerability, which originates from the parameter ddnsEn in th...

9CVSS8.3AI score0.00745EPSS
Exploits1References5
OSV
OSV
added 2025/10/06 9:15 a.m.4 views

CVE-2025-11328

A vulnerability was detected in Tenda AC18 15.03.05.196318. This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be...

8.7CVSS6.4AI score0.00988EPSS
Exploits1References5
CVE
CVE
added 2025/10/06 8:32 a.m.21 views

CVE-2025-11328

CVE-2025-11328 affects Tenda AC18 (firmware 15.03.05.19(6318)). The flaw is a stack-based buffer overflow in /goform/SetDDNSCfg caused by improper validation of the ddnsEn parameter, enabling remote, unauthenticated code execution or crash. Multiple sources corroborate the vulnerability and descr...

9CVSS8.7AI score0.00988EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-53625

Malicious code in bioql PyPI...

7.2CVSS6.8AI score0.00644EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-32788

Malicious code in bioql PyPI...

9CVSS8.8AI score0.14879EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 2:34 a.m.7 views

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

7.2CVSS6.7AI score0.00644EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.7 views

CVE-2020-26733

Cross Site Scripting XSS in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section...

5.4CVSS5.9AI score0.00676EPSS
Exploits1
OSV
OSV
added 2024/01/11 4:15 p.m.4 views

CVE-2024-23059

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function...

9.8CVSS5.8AI score0.01728EPSS
Exploits1References1
NVD
NVD
added 2023/12/12 12:15 p.m.18 views

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

7.2CVSS0.00644EPSS
Exploits0References4
Prion
Prion
added 2023/12/12 12:15 p.m.20 views

Command injection

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router Annex A 6GK5812-1AA00-2AA2 All versions V8.0,...

4CVSS6.9AI score0.00644EPSS
Exploits0References3Affected Software20
Cvelist
Cvelist
added 2023/12/12 11:27 a.m.21 views

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

7.2CVSS7AI score0.00644EPSS
Exploits0References4
NVD
NVD
added 2021/01/14 4:15 p.m.10 views

CVE-2020-26733

Cross Site Scripting XSS in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section...

5.4CVSS5.2AI score0.00676EPSS
Exploits1References1
Rows per page
Query Builder