CVE-2026-8980

The CVE-2026-8980 entry concerns the Mennekes Amtron series with firmware versions ≤ 5.22.3. Affected component: firmware handling privilege levels. The vulnerability allows an authenticated low-privileged user to escalate privileges by issuing crafted POST requests to change passwords for admin ...

CVE-2026-0711

A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated, adjacent attacker with administrator privileges to execute OS commands on an affected device...

CVE-2026-1459

A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.7C0 could allow an authenticated attacker with administrator privileges to execute operating system OS commands on an affected device...

CVE-2025-13942

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17ABUP.15.1C0 could allow a remote attacker to execute operating system OS commands on an affected device by sending specially crafted UPnP SOAP requests...

PT-2026-4796

Name of the Vulnerable Software and Affected Versions TP-Link Archer MR600 version v5 Description A command injection issue exists in the admin interface component. Authenticated attackers can execute system commands with a limited character length through crafted input in the browser developer...

CVE-2025-65856

Authentication bypass vulnerability in Xiongmai XM530 IP cameras on Firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06 allows unauthenticated remote attackers to access sensitive device information and live video streams. The ONVIF implementation fails to enforce authentication on 31 critical...

EUVD-2025-27776

Malicious code in bioql PyPI...

CVE-2025-31355

A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-27129

An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability...

CVE-2025-30256

A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability...

CVE-2021-35036

A cleartext storage of information vulnerability in the Zyxel VMG3625-T50B firmware version V5.50ABTL.0b2k could allow an authenticated attacker to obtain sensitive information from the configuration file...

CVE-2025-45788

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules...

Zyxel NAS542和NAS326 操作系统命令注入漏洞

Zyxel NAS542 and Zyxel NAS326 are both products of the Chinese company Hopkins Zyxel.Zyxel NAS542 is a NAS Network Attached Storage device.Zyxel NAS326 is a cloud storage NAS. An operating system command injection vulnerability exists in Zyxel NAS326 version V5.21AAZF.18C0 and earlier and NAS542...

PT-2024-36053 · Zyxel · Zyxel Vmg8825-T50K

Name of the Vulnerable Software and Affected Versions: Zyxel VMG8825-T50K firmware version 5.50ABOM.8C0 Description: A buffer overflow vulnerability in the library "libclinkc" could allow an unauthenticated attacker to cause denial of service DoS conditions by sending a crafted HTTP request to a...

CVE-2023-36953

TOTOLINK CP300+ V5.2cu.7594B20200910 and before is vulnerable to command injection...

Tenda AC6 安全漏洞

Tenda AC6 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC6 AC1200 v5.0 Firmware v02.03.01.114 and below, which originates from a problem in the component /cgi-bin/DownloadFlash and allows attackers to steal all data, such as source code and system files, via a...

PT-2022-23462 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6AC1200 v5.0 Firmware versions v02.03.01.114 and below Description: The issue affects the /cgi-bin/DownloadFlash component, allowing attackers to steal data such as source code and system files via a crafted GET request...

CVE-2021-32453

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configurati...

Synergy Systems & Solutions HUSKY RTU 6049-E70 Code Issue Vulnerability

Synergy Systems & Solutions HUSKY RTU 6049-E70 is a Remote Terminal Unit RTU for data acquisition and control from Synergy Systems & Solutions, India. A code issue vulnerability exists in the Synergy Systems & Solutions HUSKY RTU 6049-E70 using firmware version 5.0 and earlier. An attacker could...

CVE-2020-6991

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force...