TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter sysCmd in the formSysCmd function within the goform/formSysCmd file, which allows for...

CVE-2025-34029

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell...

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root...

VulnCheck KEV: CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root...

PT-2023-18890 · Korenix · Korenix Jetwave 4200 Series +1

Name of the Vulnerable Software and Affected Versions: Korenix Jetwave 4200 Series version 1.3.0 Korenix JetWave 3000 Series version 1.6.0 Description: The issue allows for Command Injection via the "/goform/formSysCmd" API endpoint. An attacker can modify the sysCmd parameter to execute commands...

CVE-2018-20057

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter...

PT-2018-3890 · D Link · D-Link Dir-605L +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06B1 D-Link DIR-605L version 2.12B1 Description: An issue was discovered in the /bin/boa component of D-Link DIR-619L and DIR-605L devices. The goform/formSysCmd endpoint allows remote authenticated users to execute...