PT-2026-43193

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device developed by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the fwUrl/magicid parameters in the...

CVE-2026-3612

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2026-3612

A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...

CVE-2026-3612

The vulnerability CVE-2026-3612 affects Wavlink WL-NU516U1 (firmware v240425) in the OTA Online Upgrade feature. It targets the function sub_405AF4 in /cgi-bin/adm.cgi by manipulating the firmware_url argument, resulting in a command injection. This can be triggered remotely, and the exploit has ...

WAVLINK WL-NU516U1 命令注入漏洞

WAVLINK WL-NU516U1 is a wireless print server developed by WAVLINK Corporation. The WAVLINK WL-NU516U1 V240425 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter firmwareurl in the file/cgi-bin/adm.cgi, which may lead to command...

CVE-2026-2566

A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmwareurl leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed...

CVE-2026-2566

A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmwareurl leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed...

CVE-2026-2566

A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmwareurl leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed...

PT-2026-8378

A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub 406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmware url leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclos...

CVE-2021-47745

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47745 Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware Upgrade

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

Cypress Solutions CTM-200 操作系统命令注入漏洞

The Cypress Solutions CTM-200 is a wireless gateway from Cypress Solutions. An operating system command injection vulnerability exists in the Cypress Solutions CTM-200 version 2.7.1, which stems from an authenticated command injection in the fwurl parameter of the firmware upgrade script, which...

EUVD-2019-7562

Malware in sbrugna...

The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA300-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA300-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

MSNSwitch Firmware MNT.2408 - Remote Code Exectuion Exploit

Exploit Title: MSNSwitch Firmware MNT.2408 - Remote Code Exectuion RCE Exploit Author: Eli Fulkerson Vendor Homepage: https://www.msnswitch.com/ Version: MNT.2408 Tested on: MNT.2408 firmware CVE: CVE-2022-32429 !/usr/bin/python3 """ POC for unauthenticated configuration dump, authenticated RCE o...

Bitdefender BOX 2 bootstrap download_image command injection vulnerability

Summary An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...