Lucene search
K

3858 matches found

Packet Storm
Packet Storm
added 2024/08/22 12:0 a.m.310 views

DIAEnergie 1.10 SQL Injection

class MetasploitModule 'DIAEnergie SQL Injection CVE-2024-4548', 'Description' = %q SQL injection vulnerability in DIAEnergie MSFLICENSE, 'Author' = 'Michael Heinzl', MSF exploit 'Tenable' Discovery & PoC , 'References' = 'URL', 'https://www.tenable.com/security/research/tra-2024-13', 'CVE',...

9.8CVSS7.1AI score0.29425EPSS
Exploits5
0day.today
0day.today
added 2024/08/22 12:0 a.m.248 views

DIAEnergie 1.10 SQL Injection Exploit

This Metasploit module exploit a remote SQL injection vulnerability in the CBEC service of DIAEnergie versions 1.10 and below from Delta Electronics. The commands will get executed in the context of NT AUTHORITY\SYSTEM. class MetasploitModule 'DIAEnergie SQL Injection CVE-2024-4548', 'Description...

9.8CVSS8.2AI score0.29425EPSS
Exploits5
Metasploit
Metasploit
added 2024/08/21 6:52 p.m.328 views

DIAEnergie SQL Injection (CVE-2024-4548)

SQL injection vulnerability in DIAEnergie use exploit/windows/scada/diaenergiesqli msf exploitdiaenergiesqli show targets ...targets... msf exploitdiaenergiesqli set TARGET msf exploitdiaenergiesqli show options ...show and set options... msf exploitdiaenergiesqli exploit class MetasploitModule...

9.8CVSS9.7AI score0.29425EPSS
Exploits5
CNVD
CNVD
added 2024/08/21 12:0 a.m.5 views

Command Execution Vulnerability in the Management Server of itC Center of Guangdong Paulan Electronics Company Limited (CNVD-2024-41253)

Guangzhou Paulun Electronic Co., Ltd. is a company mainly engaged in public broadcasting, campus broadcasting, conference system, paperless system, recording and broadcasting system, intelligent campus, stage lighting, LED big screen, landscape lighting and other projects. There is a command...

7.5AI score
Exploits0
CNVD
CNVD
added 2024/08/21 12:0 a.m.6 views

TOTOLINK X5000R setLedCfg Function OS Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setLedCfg function in the file /cgi-bin/cstecgi.cgi that fails to properly filter...

6.8CVSS7.8AI score0.0276EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/21 12:0 a.m.6 views

TOTOLINK X5000R addBlacklist Function OS Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the addBlacklist function in the file /cgi-bin/cstecgi.cgi failing to properly filter...

7.8CVSS7.8AI score0.01622EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/20 12:0 a.m.7 views

TOTOLINK X5000R Operating System Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. An attacker can exploit this vulnerability by sending malicious packets to execute arbitrary commands...

9.8CVSS7.8AI score0.01677EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/20 12:0 a.m.9 views

TOTOLINK X5000R OS Command Injection Vulnerability (CNVD-2024-36351)

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. An attacker can exploit this vulnerability by sending malicious packets to execute arbitrary commands...

8.8CVSS7.8AI score0.01647EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/16 12:0 a.m.5 views

TOTOLINK LR350 Access Control Error Vulnerability

TOTOLINK LR350 is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK LR350 suffers from an Access Control Error vulnerability that originates from an Access Control Error vulnerability contained in the /cgi-bin/ExportSettings.sh file. No details of the vulnerability are provid...

9.8CVSS6.8AI score0.00604EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.5 views

TOTOLINK X5000R setWiFiWpsCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setWiFiWpsCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

9.8CVSS7.4AI score0.01663EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.5 views

TOTOLINK X5000R setWanIeCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setWanIeCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

8.8CVSS7.4AI score0.01049EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.5 views

TOTOLINK X5000R setUrlFilterRules Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setUrlFilterRules method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command...

8.8CVSS7.4AI score0.01661EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.3 views

TOTOLINK X5000R setUPnPCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setUPnPCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command special...

9.8CVSS7.4AI score0.01663EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.4 views

TOTOLINK X5000R setSyslogCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setSyslogCfg method of /cgi-bin/cstecgi.cgi failing to properly filter construct command special...

8.8CVSS7.4AI score0.01647EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.4 views

TOTOLINK X5000R setL2tpServerCfg Method Command Injection Vulnerability

The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in TOTOLINK X5000R version v9.1.0cu.2350b20230313. The vulnerability stems from the setL2tpServerCfg method of /cgi-bin/cstecgi.cgi failing to properly filter constructed command speci...

8.8CVSS7.4AI score0.01168EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.8 views

TOTOLINK A3700R ssid parameter buffer overflow vulnerability

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the ssid parameter of the setWizardCfg function failing to correctly validate the length and size of the input dat...

9.8CVSS8.3AI score0.00663EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.9 views

TOTOLINK A3002R Buffer Overflow Vulnerability (CNVD-2024-35649)

TOTOLINK A3002R is a wireless dual-band Gigabit router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3002R version v4.0.0-B20230531.1404, which originates from formParentControl failing to correctly validate the length and size of the input data in...

9.8CVSS8.3AI score0.00629EPSS
Exploits1References1
CNVD
CNVD
added 2024/08/14 12:0 a.m.4 views

Delta Electronics DIAScreen Stack Buffer Vulnerability

Delta Electronics DIAScreen is an intelligent desktop builder from Delta Electronics in China. A stack buffer vulnerability exists in Delta Electronics DIAScreen, which can be exploited by an attacker to execute arbitrary code...

8.5CVSS7.5AI score0.00424EPSS
Exploits0References1
NVD
NVD
added 2024/08/12 1:38 p.m.11 views

CVE-2024-6684

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.9CVSS0.00601EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/12 12:49 p.m.30 views

CVE-2024-6684 Authentication Bypass in GST Electronics' inohom Nova Panel N7

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.9CVSS0.00601EPSS
Exploits0References2
Rows per page
Query Builder