Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.7 views

PT-2026-34670

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/23 12:0 a.m.30 views

CVE-2026-31167

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the mode parameter to /cgi-bin/cstecgi.cgi...

0.00279EPSS
Exploits1References1
OSV
OSV
added 2023/11/30 2:15 a.m.5 views

CVE-2023-37927

The improper neutralization of special elements in the CGI program of the Zyxel NAS326 firmware version V5.21AAZF.14C0 and NAS542 firmware version V5.21ABAG.11C0 could allow an authenticated attacker to execute some operating system OS commands by sending a crafted URL to a vulnerable device...

8.8CVSS5.9AI score0.602EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/12/16 12:0 a.m.5 views

The vulnerability of the Common Gateway Interface (CGI) interface of microprogramming software for network devices such as ZyXEL USG, ZyWALL, USG FLEX, ATP, and VPN allows attackers to execute cross-site scripting attacks.

The vulnerability of the Common Gateway Interface CGI interface of microprogrammed network devices such as ZyXEL USG, ZyWALL, USG FLEX, ATP, and VPN is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-sit...

5CVSS6AI score0.00359EPSS
Exploits0References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2022/04/27 12:0 a.m.5 views

The vulnerability of the sapi/cgi/cgi_main.c component of the PHP programming language interpreter allows a attacker to cause a service failure.

The vulnerability of the sapi/cgi/cgimain.c component of the PHP programming language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

5CVSS7.3AI score0.50723EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/04/04 12:0 a.m.5 views

The vulnerability of the Common Gateway Interface (CGI) interface of microprogramming software for network devices such as ZyXEL USG, USG FLEX, ATP, ZyWALL, VPN, and NSG allows attackers to bypass authentication processes and gain increased privileges.

The vulnerability of the Common Gateway Interface CGI interface of ZyXEL USG, USG FLEX, ATP, ZyWALL, VPN, and NSG network devices is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass authentication processes and gain increased...

10CVSS8AI score0.84839EPSS
Exploits0References4Affected Software6
Rows per page
Query Builder