CVE-2025-1800

A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function getipaddrdetails of the file /view/vpn/sxhvpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. Th...

CVE-2024-10280

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to null pointer...

The vulnerability of the get_ip_addr_details function (/view/dhcp/dhcpConfig/commit.php) in Ruijie RG-UAC router software allows a attacker to execute arbitrary commands.

The vulnerability of the getipaddrdetails function /view/dhcp/dhcpConfig/commit.php in Ruijie RG-UAC router software exists due to the failure to address special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via th...

The vulnerability of the get_ip.addr_details function in Ruijie RG-UAC router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the getip.addrdetails function /view/vpn/autovpn/sxhvpnlic.php in Ruijie RG-UAC router software exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands remotely...

CVE-2024-6269

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function getip.addrdetails of the file /view/vpn/autovpn/sxhvpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection. T...

Tenda AX1803 Security Vulnerability

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda, China. A security vulnerability exists in Tenda AX1803 v1.0.0.1, which is caused by a buffer overflow vulnerability in the iptv.stb.port parameter of the getIptvInfo method...

@ajesus37/node-portcheck (=1.0.0), @hzabala/tplinkcloud-api-client (=1.0.0) +60 more potentially affected by CVE-2021-27191 via get-ip-range (=2.1.1)

get-ip-range NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on get-ip-range and may be impacted: - @ajesus37/node-portcheck =1.0.0 - @hzabala/tplinkcloud-api-client =1.0.0 - @julusian/tp-link-tapo-connect =2.1.0-0 -...

GHSA-6Q4W-3WP4-Q5WF Denial of Service in get-ip-range

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion. Update get-ip-range dependency to 4.0.0 or above...

CVE-2021-27191

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...

CVE-2021-27191

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...

Privilege escalation

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...

CVE-2021-27191

The CVE-2021-27191 issue affects the get-ip-range package for Node.js prior to 4.0.0. It allows denial of service when parsing large/untrusted IP ranges (for example 128.0.0.0/1), leading to resource exhaustion. Remediation is to upgrade to version 4.0.0 or newer. This vulnerability is corroborat...

CVE-2021-27191

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...

HuCart SQL Injection Vulnerability

HuCart HuCart is an open source enterprise building system. HuCart 5.7.4 version of the system/class/helperclass.php file of the 'getip' function there is a SQL injection vulnerability , the vulnerability stems from the program fails to HTTP packet header data security filtering , remote attacker...

Project Arsenal X - As HackTheGame But Real

Project Arsenal X New version of my Arsenal X written in Delphi with the following options: + Gmail Inbox + Whois Client + Table + Downloader + Get IP + Locate IP + K0bra SQLI Scanner + Crack multiple hashes + Search admin panel + Port Scanner + Multi Cracker with support for FTP, TELNET, POP3 +...