CVE-2026-26791

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

EUVD-2026-11621

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26791

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

PT-2026-25024

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enable echo server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26791

GL-iNet GL-AR300M16 firmware v4.3.11 contains a command injection in the enable_echo_server function via the string port parameter. A crafted input can lead to arbitrary command execution. Affected component: enable_echo_server; vulnerability archetype: command injection. Impact is described as a...

CVE-2026-26791

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2026-26791

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

GL-iNet GL-AR300M16 安全漏洞

GL-iNet GL-AR300M16 is a portable mini router produced by the Chinese company GL-iNet. The GL-iNet GL-AR300M16 v4.3.11 version contains a security vulnerability. This vulnerability stems from the string port parameter in the enableechoserver function, which allows for command injection, potential...

CVE-2026-26791

GL-iNet GL-AR300M16 v4.3.11 was discovered to contain a command injection vulnerability via the string port parameter in the enableechoserver function. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2022-40083

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...

CVE-2018-12300

Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Referer header via the 'state' URL parameter...

GE GEMNet License server (EchoServer) authentication bypass vulnerability

GE GEMNet License server EchoServer is a set of license servers for GE products from General Electric GE. A security vulnerability exists in the GE GEMNet License server EchoServer that arises from a device using default or hard-coded credentials. A remote attacker could use this vulnerability to...

CVE-2008-3671

Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-3671

The CVE-2008-3671 entry concerns Acronis True Image Echo Server 9.x build 8072 running on Linux, where backups sent to an FTP server are not properly encrypted. This leads to potential information disclosure by remote attackers. The vulnerability description notes that the provenance is unknown a...

CVE-2008-3671

Acronis True Image Echo Server 9.x build 8072 on Linux does not properly encrypt backups to an FTP server, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...