Lucene search
K

89 matches found

CNNVD
CNNVD
added 2023/10/31 12:0 a.m.4 views

TOTOLINK X6000R 安全漏洞

TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK X6000R version V9.4.0cu.852B20230719, which stems from the enable parameter of the setLedCfg function failing to correctly filter construct command special...

9.8CVSS7.4AI score0.01515EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/31 12:0 a.m.16 views

CVE-2023-46979

TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...

10AI score0.01515EPSS
Exploits1References1
OSV
OSV
added 2022/02/03 8:1 p.m.5 views

CLSA-2022-1643918500 Fix of CVE: CVE-2022-23305

CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...

9.8CVSS6.9AI score0.66537EPSS
Exploits1References1
OSV
OSV
added 2022/02/03 7:57 p.m.3 views

CLSA-2022-1643918279 Fixed CVE-2022-23305 in log4j

CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...

9.8CVSS6.9AI score0.66537EPSS
Exploits1References1
OSV
OSV
added 2021/04/29 4:15 p.m.6 views

CVE-2021-30229

The api/zrDm/setzrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dmenable, AppKey, or Pwd parameter...

8.8CVSS6AI score0.02884EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.5 views

China Mobile An Lianbao WF-1 router 操作系统命令注入漏洞

China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability, which originates in api/zrDm/setZRElink, that can be exploited by remote attackers to execute arbitrary commands via...

9.8CVSS8.9AI score0.0327EPSS
Exploits1References4
Prion
Prion
added 2014/04/30 11:58 p.m.21 views

Directory traversal

Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. dot dot in the 1 usertheme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the 2 enable...

6.5CVSS7.2AI score0.07842EPSS
Exploits1References9Affected Software1
Packet Storm
Packet Storm
added 2013/02/11 12:0 a.m.44 views

Linksys WRT160N XSS / CSRF / Command Injection

Device Name: Linksys WRT160Nv2 Vendor: Linksys/Cisco ============ Device Description: ============ Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fast Wireless-N connectivity frees you to do...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/08/31 12:0 a.m.40 views

IBM WebSphere Application Server 7.0 < Fix Pack 5

IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities : - Non-standard HTTP methods are allowed. PK73246 - If the admin console is directly accessed from HTTP, the console fails to redirect t...

10CVSS7.7AI score0.04254EPSS
Exploits4References15
Rows per page
Query Builder