EUVD-2026-8971

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by providing malicious input via the device hostname configuration which is later processed during system setup, resulting in remote...

CVE-2026-20764 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by providing malicious input via the device hostname configuration which is later processed during system setup, resulting in remote...

CVE-2025-64090

This vulnerability allows authenticated attackers to execute commands via the hostname of the device...

CVE-2025-64093

Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device...

CVE-2025-64090

This vulnerability allows authenticated attackers to execute commands via the hostname of the device...

CVE-2025-64093 Unauthenticated Remote Code Execution via the device hostname

Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device...

CVE-2025-64093 Unauthenticated Remote Code Execution via the device hostname

Remote Code Execution vulnerability that allows unauthenticated attackers to inject arbitrary commands into the hostname of the device...

CVE-2025-64093

CVE-2025-64093 is an unauthenticated Remote Code Execution affecting Zenitel ICX500/ICX510 exposed to networks. Public descriptions consistently state an attacker can inject arbitrary commands into the device hostname, enabling remote code execution with no user interaction. The CVSSv3.1 base sco...

CVE-2025-64090 Authenticated Remote Code Execution in device hostname

This vulnerability allows authenticated attackers to execute commands via the hostname of the device...

CVE-2025-64090 Authenticated Remote Code Execution in device hostname

This vulnerability allows authenticated attackers to execute commands via the hostname of the device...

CVE-2025-64090

CVE-2025-64090 affects Zenitel ICX500 and ICX510 platforms. Authenticated attackers can execute commands via the device hostname, implying remote code execution tied to hostname handling. Publicly provided details are limited to the vulnerability description; no patch/versioned remediation is spe...

Zenitel ICX500和Zenitel ICX510 安全漏洞

The Zenitel ICX500 and Zenitel ICX510 are both communication and control platforms from Zenitel Norway. A security vulnerability exists in the Zenitel ICX500 and Zenitel ICX510 that can be exploited by an authenticated attacker to execute commands via the device hostname...

EUVD-2020-29043

Malware in sbrugna...

UBUNTU-CVE-2024-43363

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

CVE-2024-43363 Remote code execution via Log Poisoning in Cacti

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

HooToo Tripmate HT-TM01 2.000.022 - CSRF Vulnerabilities

Exploit for php platform in category web applications Exploit Title: HooToo Tripmate HT-TM01 Cross Site Request Forgery Date: 03Sep15 Exploit Author: Ken Smith Contact: https://twitter.com/P4tchw0rk Vendor Homepage: http://www.hootoo.com Version: HT-TM01, version 2.000.022 1. Description Various...