CVE-2026-25070

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

CVE-2019-25386

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains multiple reflected cross-site scripting vulnerabilities in the dmzholes.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the SRCIP, DESTIP,...

CVE-2020-8958

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...

Exploit for OS Command Injection in Gpononu 1Ge_Router_Wifi_Onu_V2801Rw_Firmware

A proof of concept for CVE-2020-8958 written in Python. The scri...

CVE-2020-8958

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. Recent assessments: Assessed Attacker Value: 0...

PT-2020-20395 · V Sol +1 · V-Sol Home Routers +2

Name of the Vulnerable Software and Affected Versions: Guangzhou 1GE ONU V2801RW versions 1.9.1-181203 through 2.9.0-181024 Guangzhou 1GE ONU V2804RGW versions 1.9.1-181203 through 2.9.0-181024 V-SOL Home Routers affected versions not specified Description: The issue allows remote attackers to...