CVE-2025-12942

Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86...

CVE-2025-12942

CVE-2025-12942 affects NETGEAR R6260 and R6850 hardware: improper input validation allows unauthenticated LAN-connected attackers to perform MiTM attacks and gain control over the DNS Server, potentially enabling command execution. Affected versions are up to 1.1.0.86 for both models. According t...

Cobalt Ulster Strikes Again With New ForeLord Malware

A new credential-stealing malware, dubbed ForeLord, has been uncovered in a recent spear phishing campaign. Researchers tie the attack to a known advanced persistence threat APT group known as Cobalt Ulster. The emails distributing ForeLord were uncovered as part of a campaign, running between...

CVE-2017-14201 The shell DNS command can cause unpredictable results due to misuse of stack variables.

Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all...

Netgear DGN2200 dnslookup.cgi Command Injection (CVE-2017-6334)

A command injection vulnerability exists in NETGEAR DGN2200 Router. The vulnerability is due to insufficient input validation in the router's web administration. Successful exploitation of this vulnerability could allow a remote attacker with valid login details to execute arbitrary code...

Researchers: PlugX More Prominent Than Ever

Existing in some form since 2008, the popular remote access tool PlugX has as notorious a history as any malware, but according to researchers the tool saw a spike of popularity in 2014 and is the go-to malware for many adversary groups. Many attacks, especially those occurring during the latter...

CuteNews 1.4.0 - Shell Injection Remote Command Execution

CuteNews 1.4.0 - Shell Injection Remote Command Execution ?php cutenxpl.php CuteNews 1.4.0possibly prior versions remote code execution by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with th...

CVE-2004-1317

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command...

CVE-2004-1317

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command...

CVE-2004-1317

Netcat for Windows 1.1 is affected by a stack-based buffer overflow in doexec.c when used with the -e option. An overly long DNS command can overflow the stack and enable remote code execution. This is the same base vulnerability described in CVE-2004-1317, with corroborating references in exploi...

CVE-2004-1317

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command...