Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2026/03/07 3:30 a.m.1 views

EUVD-2026-10092

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

9.3CVSS6.5AI score0.00293EPSS
Exploits0References3
NVD
NVDadded 2026/03/07 1:15 a.m.2 views

CVE-2026-25070

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

9.8CVSS0.00293EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/03/07 12:20 a.m.19 views

CVE-2026-25070 XikeStor SKS8310-8X PingTestSet Command Injection

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through th...

9.3CVSS0.00293EPSS
Exploits0References2
OSV
OSVadded 2025/07/10 11:15 p.m.0 views

CVE-2025-7419

A vulnerability was found in Tenda O3V2 1.0.0.123880. It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. It is possible to initiate the...

8.7CVSS6.4AI score0.01566EPSS
Exploits1References6
CNVD
CNVDadded 2020/03/09 12:0 a.m.1 views

Moxa MGate 5105-MB-EIP OS Command Injection Vulnerability

The MGate 5105-MB-EIP is an industrial Ethernet gateway that supports MQTT or third-party cloud services e.g., Azure and Alibaba Cloud to build Modbus RTU/ASCII/TCP and EtherNet/IP network communications for IIoT applications. An operating system command injection vulnerability exists in the...

9CVSS8.1AI score0.17792EPSS
Exploits0References1
OSV
OSVadded 2020/02/14 6:15 p.m.1 views

CVE-2020-8858

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from...

8.8CVSS7.6AI score
Exploits0References2
OSV
OSVadded 2018/08/27 3:29 p.m.2 views

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

8.8CVSS6AI score0.07148EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2014/04/21 12:0 a.m.1 views

PT-2014-3002

Name of the Vulnerable Software and Affected Versions: ASUS RT-AC68U and other RT series routers versions prior to 3.0.0.4.374.5047 Description: The issue allows remote authenticated users to execute arbitrary commands via shell metacharacters in the destIP parameter in the Target field of the...

8.5CVSS7.1AI score0.43781EPSS
Exploits1References9
Rows per page
Query Builder