8 matches found
CVE-2026-8265
A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function getlogfile of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. The attack can be initiated remotely. The exploit...
CVE-2026-8265
The CVE-2026-8265 issue affects Tenda AC6 firmware version 15.03.06.23. The vulnerable component is httpd, specifically the function get_log_file in /goform/getLogFile, where manipulating the wans.flag argument leads to an OS command injection. The vulnerability is exploitable remotely and exploi...
Tenda AC6 命令注入漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.23 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function getlogfile in the httpd component’s file/goform, which processes the parameter wan.flag, potentially allowin...
CVE-2026-29059
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...
CVE-2026-29059 Windmill: SUPERADMIN_SECRET (rarely used) can be accessed publicly
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...
EUVD-2026-10017
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...
CVE-2026-29059 Windmill: SUPERADMIN_SECRET (rarely used) can be accessed publicly
Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...
WindMill 路径遍历漏洞
WindMill is a free open-source tool developed by Lukasavicus’ individual developer. It is used to control the execution of tasks in Python. Versions of WindMill prior to 1.603.3 contained a path traversal vulnerability. This vulnerability stemmed from the filename parameter in the getlogfile...