89 matches found
TOTOLINK X6000R Security Vulnerability
TOTOLINK X6000R is a wireless router from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK X6000R version V9.4.0cu.852B20230719, which stems from the enable parameter of the setLedCfg function failing to correctly filter construct command special...
CVE-2023-46979
TOTOLINK X6000R V9.4.0cu.852B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function...
CLSA-2022-1643918500 Fix of CVE: CVE-2022-23305
CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...
CLSA-2022-1643918279 Fixed CVE-2022-23305 in log4j
CVE-2022-23305: disable JDBCAppender by default. Add optional parameter for enabling it...
CVE-2021-30229
The api/zrDm/setzrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dmenable, AppKey, or Pwd parameter...
China Mobile An Lianbao WF-1 router OS Command Injection Vulnerability
China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability, which originates in api/zrDm/setZRElink, that can be exploited by remote attackers to execute arbitrary commands via...
Directory traversal
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) usertheme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable...
Linksys WRT160N XSS / CSRF / Command Injection
Device Name: Linksys WRT160Nv2
Vendor: Linksys/Cisco
Device Description: Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fast Wireless-N connectivity frees you to do...
IBM WebSphere Application Server 7.0 < Fix Pack 5
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities:
- Non-standard HTTP methods are allowed. (PK73246)
- If the admin console is directly accessed from HTTP, the console fails to redirect t...