12 matches found
EUVD-2022-46406
Malicious code in bioql PyPI...
EUVD-2022-48569
Malicious code in bioql PyPI...
CVE-2024-50853
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function...
CVE-2022-43367
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the formSetDebugCfg function...
CVE-2022-45710
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
Tenda W20E formSetDebugCfg function enable parameter command injection vulnerability
The Tenda W20E is a router from the Chinese company Tenda. The Tenda W20E suffers from a command injection vulnerability that stems from the formSetDebugCfg function enable parameter failing to properly filter construct command special characters, commands, and so on. No detailed vulnerability...
CVE-2025-44866
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2024-50853
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the formSetDebugCfg function...
Command injection
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
Buffer overflow
IP-COM M50 V15.11.0.3310768 was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function...
CVE-2022-43367
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the formSetDebugCfg function...
CVE-2022-43367
IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the formSetDebugCfg function...