Lucene search
K

16 matches found

CVE
CVE
added 2026/05/04 12:41 a.m.14 views

CVE-2026-42364

CVE-2026-42364 concerns a command-injection in the GeoVision LPC2011/LPC2211 web interface. The vulnerability resides in the DdnsSetting.cgi endpoint of version 1.10, where a specially crafted DDNS configuration can trigger arbitrary command execution. The description notes an attacker can modify...

9.9CVSS6AI score0.01606EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/07 12:30 a.m.4 views

EUVD-2026-19547

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS6.8AI score0.01409EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/06 10:15 p.m.5 views

CVE-2026-5688

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

7.5CVSS6.8AI score0.01409EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8412

Malware in sbrugna...

5.4CVSS5.6AI score0.00898EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10628

Malware in sbrugna...

6.1CVSS6.3AI score0.01445EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-10632

Malware in sbrugna...

6.1CVSS6.3AI score0.01445EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:18 a.m.7 views

CVE-2019-20076

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter DynDns settings of the Dynamic DNS Configuration...

6.1CVSS6.1AI score0.01445EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 a.m.6 views

CVE-2019-20072

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter Dynamic DNS Configuration...

6.1CVSS6.1AI score0.01445EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/07/23 12:0 a.m.7 views

The vulnerability of the formSetSysToolDDNS function in the /goform/SetDDNSCfg file of the Tenda AX1803 router’s microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetSysToolDDNS function in the /goform/SetDDNSCfg file of the Tenda AX1803 router’s microprogramming system is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of...

7.5CVSS8.1AI score0.14879EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/04/26 6:15 p.m.4 views

CVE-2024-4236

A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. This issue affects the function formSetSysToolDDNS of the file /goform/SetDDNSCfg. The manipulation of the argument serverName/ddnsUser/ddnsPwd/ddnsDomain leads to stack-based buffer overflow. The attack ma...

8.8CVSS6.4AI score0.14879EPSS
Exploits0References4
NVD
NVD
added 2019/12/30 12:15 a.m.16 views

CVE-2019-20072

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter Dynamic DNS Configuration...

6.1CVSS6.1AI score0.01445EPSS
Exploits1References3
Prion
Prion
added 2019/12/30 12:15 a.m.19 views

Design/Logic Flaw

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter DynDns settings of the Dynamic DNS Configuration...

4.3CVSS6AI score0.01445EPSS
Exploits1References3
Prion
Prion
added 2019/12/30 12:15 a.m.13 views

Design/Logic Flaw

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter Dynamic DNS Configuration...

4.3CVSS6AI score0.01445EPSS
Exploits1References3
CVE
CVE
added 2019/12/29 11:29 p.m.101 views

CVE-2019-20072

CVE-2019-20072 corresponds to a cross-site scripting vulnerability in Netis DL4323 devices, exploitable via the hostname parameter in form2Ddns.cgi used for Dynamic DNS configuration. The issue stems from insufficient input validation in the web application, enabling execution of arbitrary client...

6.1CVSS6AI score0.01445EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/12/29 11:28 p.m.107 views

CVE-2019-20076

CVE-2019-20076 concerns the Netis DL4323 modem, where a stored/reflected cross-site scripting (XSS) vulnerability exists in the DynDns settings page due to the username parameter in form2Ddns.cgi. The issue stems from insufficient input validation in the WEB application, enabling an attacker to i...

6.1CVSS6AI score0.01445EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/09/12 4:0 p.m.39 views

CVE-2018-16605

The CVE-2018-16605 entry pertains to D-Link DIR-600M devices where an XSS vulnerability exists in the Dynamic DNS Configuration page, specifically via the Hostname and Username fields. The vulnerability allows remote attackers to inject arbitrary web script or HTML when interacting with these fie...

5.4CVSS5.3AI score0.00898EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder