Lucene search
K

33 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Siemens SIMATIC 跨站脚本漏洞

Siemens SIMATIC is a series of programmable control and industrial software products developed by Siemens, a German company, for industrial automation and process control applications. Siemens SIMATIC has a cross-site scripting vulnerability. This vulnerability stems from the Web interface’s moti...

9.3CVSS7.3AI score0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-3257

Malware in sbrugna...

7.5CVSS7.5AI score0.02245EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-3097

Malware in sbrugna...

5CVSS6.4AI score0.0209EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/08/25 12:0 a.m.2 views

DASAN H660WM 安全漏洞

DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825 version, which originates from improper access control of the component /cgi-bin/systemdiagnosticmain.asp, which could result in access to sensitive information...

6.5CVSS6.6AI score0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.7 views

PT-2024-20682 · Gallagher · Controller 6000 +1

Name of the Vulnerable Software and Affected Versions: Controller 6000 and Controller 7000 versions 8.70 and prior Controller 6000 and Controller 7000 versions 8.80 through 8.80.1938 MR6 Controller 6000 and Controller 7000 versions 8.90 through 8.90.2155 MR5 Controller 6000 and Controller 7000...

6.5CVSS7.1AI score0.00324EPSS
Exploits0References5
CNVD
CNVD
added 2024/08/29 12:0 a.m.3 views

Unspecified Vulnerability in NETGEAR DGN1000WW (CNVD-2025-11162)

The NETGEAR DGN1000WW is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN1000WW, which can be exploited by an attacker to execute arbitrary code via a diagnostic page...

8.8CVSS8AI score0.1353EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/23 12:0 a.m.5 views

NETGEAR DGN1000WW 安全漏洞

The NETGEAR DGN1000WW is a wireless router from NETGEAR. A security vulnerability exists in the NETGEAR DGN1000WW, which can be exploited by an attacker to execute arbitrary code via a diagnostic page...

8.8CVSS7.6AI score0.1353EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/17 12:0 a.m.3 views

Helmholz REX 跨站脚本漏洞

Helmholz REX is a series of routers from Helmholz. A cross-site scripting vulnerability exists in the Helmholz REX 200 and REX 250, which stems from the ability to store an arbitrary JavaScript load on the device's diagnostic page...

5.4CVSS5.1AI score0.00345EPSS
Exploits0References3
CNVD
CNVD
added 2023/06/30 12:0 a.m.9 views

RG-BCR860 OS Command Injection Vulnerability in Beijing StarNet Ruijie Network Technology Co.

The RG-BCR860 is a commercial cloud router from Ruijie Networks China. Ltd. The RG-BCR860 version 2.5.13 suffers from an operating system command injection vulnerability that originates from the failure of the component Network Diagnostic Page to correctly filter constructed command special...

7.2CVSS7.4AI score0.50085EPSS
Exploits1References1
OSV
OSV
added 2023/06/28 6:15 p.m.4 views

CVE-2023-3450

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

7.2CVSS5.4AI score0.50085EPSS
Exploits1References3
Prion
Prion
added 2023/06/28 6:15 p.m.16 views

Command injection

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

5.8CVSS7.3AI score0.50085EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/28 6:0 p.m.28 views

CVE-2023-3450 Ruijie RG-BCR860 Network Diagnostic Page os command injection

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

5.8CVSS7.6AI score0.50085EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/28 6:0 p.m.19 views

CVE-2023-3450 Ruijie RG-BCR860 Network Diagnostic Page os command injection

A vulnerability was found in Ruijie RG-BCR860 2.5.13 and classified as critical. This issue affects some unknown processing of the component Network Diagnostic Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public...

5.8CVSS7.2AI score0.50085EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.5 views

PT-2023-24908 · Ruijie · Ruijie Rg-Bcr860

Name of the Vulnerable Software and Affected Versions: Ruijie RG-BCR860 version 2.5.13 Description: A critical issue affects the Network Diagnostic Page component, leading to os command injection through unknown processing. This can be exploited remotely. Recommendations: For Ruijie RG-BCR860...

7.2CVSS7.5AI score0.50085EPSS
Exploits1References4
OSV
OSV
added 2022/05/24 5:33 p.m.26 views

GHSA-Q6RQ-4WHR-R879 Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page

Jenkins Active Directory Plugin 2.19 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the domain health check diagnostic page. Jenkins Active Directory Plugin 2.20 requires Overall/Administer permission to access the...

4.3CVSS4.3AI score0.00668EPSS
Exploits0References4
OSV
OSV
added 2021/08/13 4:15 p.m.5 views

CVE-2021-36380

Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi...

9.8CVSS7.5AI score0.97599EPSS
Exploits1References3
NVD
NVD
added 2020/11/04 3:15 p.m.29 views

CVE-2020-2302

A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page...

4.3CVSS4.5AI score0.00668EPSS
Exploits0References1
OSV
OSV
added 2020/11/04 3:15 p.m.12 views

CVE-2020-2302

A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page...

4.3CVSS6.6AI score
Exploits0References1
CVE
CVE
added 2020/11/04 2:35 p.m.78 views

CVE-2020-2302

CVE-2020-2302 affects Jenkins Active Directory Plugin 2.19 and earlier, where a missing permission check allows attackers with Overall/Read permission to access the domain health check diagnostic page. The issue is fixed by upgrading to version 2.20, which enforces Overall/Administer permission f...

4.3CVSS4.4AI score0.00668EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/24 3:15 p.m.2 views

CVE-2020-24365

An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user uid 0. Even if a login is required, most...

8.8CVSS7.4AI score0.11414EPSS
Exploits3References2
Rows per page
Query Builder