Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/09 9:31 p.m.4 views

EUVD-2016-10792

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS7.3AI score0.00367EPSS
Exploits0References7
NVD
NVDadded 2025/10/09 9:15 p.m.2 views

CVE-2016-15047

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS0.00367EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/10/09 9:10 p.m.6 views

CVE-2016-15047 AVTECH CloudSetup.cgi Authenticated Command Injection

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS0.00367EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/10/09 9:10 p.m.2 views

CVE-2016-15047 AVTECH CloudSetup.cgi Authenticated Command Injection

AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to authenticated OS command injection. The exefile parameter in CloudSetup.cgi is passed to the underlying system command execution without proper validation or whitelisting. An authenticated attacker who can invoke...

8.7CVSS7.4AI score0.00367EPSS
Exploits0References6
CVE
CVEadded 2025/10/09 9:10 p.m.12 views

CVE-2016-15047

CVE-2016-15047 (AVTECH CloudSetup.cgi): Authenticated OS command injection via the exefile parameter in CloudSetup.cgi. The parameter is passed to system command execution without proper validation/whitelisting, enabling an authenticated attacker to run arbitrary commands as root and potentially ...

8.7CVSS7.4AI score0.00367EPSS
Exploits0References6
CNVD
CNVDadded 2016/10/12 12:0 a.m.2 views

Authentication Command Injection Vulnerability in CloudSetup.cgi for AVTECH Devices

AVTECH, founded in 1996, is one of the world's leading CCTV manufacturers. The main products are surveillance equipment, network cameras, network video recorders and so on. An authenticated command injection vulnerability exists in the AVTECH device CloudSetup.cgi. The exefile parameter requested...

8.2AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2016/10/11 12:0 a.m.3 views

PT-2025-41460

Name of the Vulnerable Software and Affected Versions AVTECH devices affected versions not specified Description AVTECH devices that include the CloudSetup.cgi management endpoint are susceptible to authenticated OS command injection. The exefile parameter within the ''CloudSetup.cgi'' endpoint i...

9CVSS6.2AI score0.00367EPSS
Exploits0References11
Rows per page
Query Builder