Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.2 views

CVE-2026-35520

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS6.2AI score0.00701EPSS
Exploits1References1
NVD
NVD
added 2026/04/07 4:16 p.m.8 views

CVE-2026-35520

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS0.00701EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/07 3:19 p.m.21 views

CVE-2026-35520 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS0.00701EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/07 3:19 p.m.6 views

CVE-2026-35520 Pi-hole FTL affected by Remote Code Execution (RCE) via dhcp.leaseTime Newline Injection

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS6.2AI score0.00701EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 3:19 p.m.2 views

CVE-2026-35520

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS6.2AI score0.00701EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/07 3:19 p.m.6 views

EUVD-2026-19713

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS6.2AI score0.00701EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.8 views

PT-2026-30885

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution RCE vulnerability in the DHCP lease time configuration parameter dhcp.leaseTime. This vulnerability allows an...

8.8CVSS6.2AI score0.00701EPSS
Exploits1References2
NVD
NVD
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4203

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

9.8CVSS0.03831EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-0877

Malware in sbrugna...

5CVSS6.1AI score0.02605EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.8 views

CVE-2019-14918

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...

5.4CVSS6.6AI score0.00779EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.19 views

openSUSE: Security Advisory for connman (openSUSE-SU-2023:0369-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00964EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/03/28 12:0 a.m.6 views

PT-2020-6849

Name of the Vulnerable Software and Affected Versions Pi-hole Web version 4.3.2 Description The issue allows remote code execution by privileged dashboard users via a crafted DHCP static lease. This is due to the failure to neutralize special elements used in the operating system command...

9.1CVSS9.2AI score0.77847EPSS
Exploits13References27
CNVD
CNVD
added 2020/01/15 12:0 a.m.3 views

Billion Smart Energy Router SG600R2 DHCP Lease Status Form Cross-Site Scripting Vulnerability

The Billion Smart Energy Router SG600R2 is a router device. A cross-site scripting vulnerability exists in the Billion Smart Energy Router SG600R2 DHCP lease status form, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...

5.4CVSS6.2AI score0.00779EPSS
Exploits1References1
OSV
OSV
added 2020/01/09 5:15 p.m.2 views

CVE-2019-14918

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etcro/web/internet/dhcpcliinfo.asp...

5.4CVSS6.5AI score
Exploits0References1
CNVD
CNVD
added 2018/10/16 12:0 a.m.3 views

ASUS RT-AC58U Information Disclosure Vulnerability

ASUS RT-AC58U is a wireless router product from ASUS. A security vulnerability exists in ASUS RT-AC58U version 3.0.0.4.3806516. The vulnerability can be exploited by a remote attacker to obtain the hostname and IP address by reading the dhcpLeaseInfo data in the HTML source code of the...

5.3CVSS5.6AI score0.01722EPSS
Exploits1References1
Prion
Prion
added 2018/10/14 9:29 p.m.18 views

Code injection

On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...

5CVSS5.5AI score0.01722EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/10/14 9:29 p.m.6 views

CVE-2018-18287

On ASUS RT-AC58U 3.0.0.4.3806516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the MainLogin.asp page...

5.3CVSS5.9AI score0.01722EPSS
Exploits1References1
OSV
OSV
added 2018/09/26 10:29 p.m.0 views

CVE-2018-16055

An authenticated command injection vulnerability exists in statusinterfaces.php via dhcprelinquishlease in pfSense before 2.4.4 due to its passing user input from the $POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGU...

8.8CVSS5.9AI score0.11191EPSS
Exploits0References2
Prion
Prion
added 2018/09/26 10:29 p.m.20 views

Command injection

An authenticated command injection vulnerability exists in statusinterfaces.php via dhcprelinquishlease in pfSense before 2.4.4 due to its passing user input from the $POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGU...

9CVSS8.8AI score0.11191EPSS
Exploits0References2Affected Software1
Citrix
Citrix
added 2018/08/28 12:0 a.m.10 views

How to use Citrix App Layering with Fixed IP Addresses

In App Layering, the ELM needs to be able to determine which NIC device is the "active" NIC. The ELM must determine the active NIC in orderto properly merge network instances and services from different layers, howeverthere's no flag in the registry that identifies the NIC that will be used to...

7AI score
Exploits0
Rows per page
Query Builder