4 matches found
Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097302)
Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...
CVE-2025-34262
Advantech WISE-DeviceOn Server has a stored XSS in /rmm/v1/devices/name/{agent_id} affecting versions prior to 5.4. An authenticated user can rename a device; the new_name is stored and later rendered in listings/details without HTML escaping, allowing injected script to run in the browser contex...
EUVD-2025-31454
Malicious code in bioql PyPI...
TOTOLINK N600R 操作系统命令注入漏洞
TOTOLINK N600R is a wireless router from Taiwan-based TOTOLINK, China.A command injection vulnerability exists in TOTOLINK N600R, which can be exploited by attackers to conduct command injection attacks via the devicemac parameter in /setting/setDeviceName...