514 matches found
EUVD-2026-33261
Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...
CVE-2026-34259
SAP Forecasting & Replenishment contains an OS Command Execution vulnerability. An authenticated user with administrative privileges can abuse a non-remote-enabled function to execute arbitrary operating system commands, potentially reading/modifying any system data or shutting down the system, c...
CVE-2026-31993
OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with operator.write privileges and a paired macOS beta node can craft shell-chain payloads that pass...
CVE-2026-28466
OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject...
CVE-2020-12124
A remote command-line injection vulnerability in the /cgi-bin/liveapi.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication...
CVE-2025-3232
CVE-2025-3232 affects Mitsubishi Electric Europe smartRTU, where a remote unauthenticated attacker can bypass authentication via a specific API route and execute arbitrary OS commands. The Red Hat/NVD/EUVD/NVD-derived records consistently describe an access-control failure enabling command execut...
PT-2025-51971
Name of the Vulnerable Software and Affected Versions Serendipity version 2.4.0 Description An authenticated attacker can upload malicious PHP files with a .phar extension, leading to remote code execution. Attackers can upload files containing system command payloads to the media upload endpoint...
PT-2025-51303
Name of the Vulnerable Software and Affected Versions Webutler version 3.2 Description Webutler version 3.2 has a flaw that permits authenticated administrators to upload PHP files capable of executing system commands. An attacker can upload a PHAR file containing embedded system commands through...
CVE-2025-59370
A command injection vulnerability has been identified in bwdpi. A remote, authenticated attacker could leverage this vulnerability to potentially execute arbitrary commands, leading to the device executing unintended instructions. Refer to the 'Security Update for ASUS Router Firmware' section on...
CVE-2025-13284
ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server...
Unspecified Vulnerability in Palo Alto Networks PAN-OS (CNVD-2025-24729)
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS, which can be exploited by an attacker to cause a privileged administrator to bypass system restrictions and execute arbitrary...
HPE AOS 安全漏洞
HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE ArubaOS that originates from a remote attacker after authentication that can execute remote commands, which could lead to the execution of arbitrary commands on the underlying operatin...
EUVD-2009-4535
Malware in sbrugna...
EUVD-2006-6844
Malware in sbrugna...
EUVD-2020-5400
Malware in sbrugna...
EUVD-2007-0134
Malware in sbrugna...
EUVD-2006-0417
Malware in sbrugna...
EUVD-2008-6431
Malware in sbrugna...
EUVD-2005-4607
Malware in sbrugna...
EUVD-2006-3786
Malware in sbrugna...