143 matches found
CVE-2019-11353
The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version...
EUVD-2019-3032
Malware in sbrugna...
EUVD-2024-33929
Malicious code in bioql PyPI...
EUVD-2024-33937
Malicious code in bioql PyPI...
EUVD-2024-33935
Malicious code in bioql PyPI...
EUVD-2025-15703
Malicious code in bioql PyPI...
EUVD-2024-33933
Malicious code in bioql PyPI...
EUVD-2024-33932
Malicious code in bioql PyPI...
EUVD-2024-33930
Malicious code in bioql PyPI...
EUVD-2024-33934
Malicious code in bioql PyPI...
EUVD-2024-33936
Malicious code in bioql PyPI...
EUVD-2024-33931
Malicious code in bioql PyPI...
CVE-2025-34035
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...
CVE-2025-34035
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...
CVE-2025-34035 EnGenius EnShare IoT Gigabit Cloud Service Command Injection
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...
EUVD-2025-18966
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...
CVE-2025-34035
Summary: CVE-2025-34035 affects EnGenius EnShare Cloud Service
CVE-2025-34035 EnGenius EnShare IoT Gigabit Cloud Service Command Injection
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...
PT-2025-26662
Name of the Vulnerable Software and Affected Versions: EnGenius EnShare Cloud Service versions 1.4.11 and earlier Description: An OS command injection issue exists due to the usbinteract.cgi script's failure to properly sanitize user input passed to the path parameter. This allows unauthenticated...
CVE-2024-45242
EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...