CVE-2026-35449 WWBN AVideo has Unauthenticated Information Disclosure via Disabled CLI Guard in install/test.php

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the install/test.php diagnostic script has its CLI-only access guard disabled by commenting out the die statement. The script remains accessible via HTTP after installation, exposing video viewer statistics including IP...

Intego Log Reporter 安全漏洞

Intego Log Reporter is a log collection and analysis tool developed by Intego. There is a security vulnerability in Intego Log Reporter. This vulnerability stems from diagnostic scripts executed with root privileges, which fail to enforce secure directory handling when creating and writing files ...

RG-EW Series Routers 命令注入漏洞

Ruijie RG-EW Series Routers is a router from China Ruijie Networks Ruijie. A security vulnerability exists in RG-EW1200G PRO Wireless Routers EW3.01B11P204 version, RG-EW1800GX PRO Wireless Routers EW3.01B11P204 version, RG-EW3200GX PRO Wireless Routers EW3.0 A security vulnerability exists in...

Weidmueller Industrial WLAN devices OS command injection vulnerability (CNVD-2021-48136)

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. The Weidmueller Industrial WLAN devices suffer from an operating system command injection vulnerability that can be exploited by an attacker via a specially crafted diagnostic script filename to cause user input ...

Weidmueller Industrial WLAN devices OS command injection vulnerability (CNVD-2021-48134)

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. An operating system command injection vulnerability exists in Weidmueller Industrial WLAN devices, which can be exploited by an attacker via a specially crafted diagnostic script file to cause arbitrary busybox...

CVE-2021-33532

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in the iwwebs functionality. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the...

CVE-2021-33530

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote contro...

Command injection

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote contro...

CVE-2021-33530 WEIDMUELLER: WLAN devices affected by OS Command Injection vulnerability

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the devices. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote contro...

Weidmueller Industrial WLAN 操作系统命令注入漏洞

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. The Weidmueller Industrial WLAN devices suffer from an operating system command injection vulnerability that can be exploited by an attacker via a specially crafted diagnostic script filename to cause user input ...

Weidmueller Industrial WLAN 操作系统命令注入漏洞

Weidmueller Industrial WLAN devices is an industrial WIAN from Weidmueller, Germany. The Weidmueller Industrial WLAN devices suffer from an operating system command injection vulnerability that can be exploited by an attacker via a specially crafted diagnostic script filename to cause user input ...

CVE-2021-1441 Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability

A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers and Cisco ESR6300 Embedded Series Routers could allow an authenticated, local attacker to execute unsigned code at system boot time. This vulnerability is...

PT-2021-2556 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco 1100 Series Industrial Integrated Services Routers affected versions not specified Cisco IOS XE Software for Cisco ESR6300 Embedded Series Routers affected versions not specified Description: The issue exists d...

Cisco IOS XE Software 操作系统命令注入漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An arbitrary code execution vulnerability exists in the hardware initialization routines of Cisco IOS XE. The vulnerability stems from incorrect validation of parameters passed to...

CVE-2019-5138

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker...

CVE-2019-5140

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An attack...

CVE-2019-5138

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker...

Command injection

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker...

CVE-2019-5138

An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An attacker...

Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An...