CVE-2026-31171

CVE-2026-31171 affects ToToLink A3300R firmware v17.0.0cu.557_B20221024. The issue allows an attacker to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi, as described in multiple sources (EUVD/NVD/CVE listings). The root cause and exact vulnerable component are described ...

CVE-2026-24430 Tenda W30E V2 HTTP Responses Expose Plaintext Credentials

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be expose...

EUVD-2021-19701

Malware in sbrugna...

EUVD-2019-7564

Malware in sbrugna...

EUVD-2023-58349

Malicious code in bioql PyPI...

EUVD-2023-57664

Malicious code in bioql PyPI...

CVE-2013-4713

Cross-site scripting XSS vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2024-4639

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in IPSec configuration. An attacker could modify the intended commands sent to target functions, which could cause malicious users to execute unauthorized commands...

D-Link 704p Web Interface syslog.htm Malformed Query Remote DoS

The remote host is a D-Link router running a firmware version older than, or as old as 2.70. There is a flaw in this version which may allow an attacker to crash the remote device by sending an overly long argument to the 'syslog.htm' page. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref...