37 matches found
PYSEC-2026-1136 Apache Airflow Drill Provider vulnerable to improper input validation
Apache Software Foundation's Apache Airflow Drill Provider before 2.3.2 is vulnerable to improper input validation because the host passed in drill connection is not sanitized...
CVE-2026-8660
CVE-2026-8660 describes an OS Command Injection vulnerability in the Linux ping action of the Rapid7 InsightConnect Ping Plugin. The root cause is insufficient input validation when constructing shell commands from the host parameter, enabling remote attackers to execute arbitrary OS commands. Th...
CVE-2026-8660
OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient input validation when constructing shell commands...
Termix 操作系统命令注入漏洞
Termix is a server management platform developed by Karmaa’s individual developers. Versions of Termix prior to 2.3.2 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the POST /ssh/tunnel/connect endpoint, which directly inserted the...
CVE-2019-25736 LabF nfsAxe 3.7 Ping Client Buffer Overflow
LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.ex...
CVE-2026-39394
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Install::index controller reads the host POST parameter without any validation and passes it directly into updateEnvSettings, which...
CVE-2019-25372 OPNsense 19.1 Reflected XSS via diag_traceroute.php
OPNsense 19.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation in the host parameter. Attackers can submit crafted payloads through POST requests to diagtraceroute.php to execute...
CVE-2025-47366
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input...
GHSA-4C65-9GQF-4W8H Cybersecurity AI (CAI) vulnerable to Command Injection in run_ssh_command_with_credentials Agent tool
Summary A command injection vulnerability is present in the function tool runsshcommandwithcredentials available to AI agents. Details This is the source code of the function tool runsshcommandwithcredentials code: python @functiontool def runsshcommandwithcredentials host: str, username: str,...
CVE-2025-60699
A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...
CVE-2025-60699
A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...
PT-2025-46901
Name of the Vulnerable Software and Affected Versions TOTOLINK A950RG Router firmware versions prior to V5.9c.4592 B20191022 ALL Description A buffer overflow issue exists in the global.so binary of the TOTOLINK A950RG Router firmware. The getSaveConfig function retrieves the http host parameter...
CVE-2025-60699
A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...
TOTOLINK LR350 安全漏洞
TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the httphost parameter in the...
The vulnerability of the get_cur_lang_ver() function in Netgear’s JWNR2000v2 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the getcurlangver function in Netgear JWNR2000v2 router microprogramming software is related to the copying of buffers without checking the size of the input data when processing the host parameter. Exploiting this vulnerability can allow an attacker to compromise the...
NETGEAR EX6200 安全漏洞
NETGEAR EX6200 is a wireless network signal extender from NETGEAR. The NETGEAR EX6200 suffers from a buffer overflow vulnerability that originates from the sub503FC function parameter host failing to properly validate the length of the input data, which can be exploited by an attacker to execute...
NETGEAR EX6120 安全漏洞
The NETGEAR EX6120 is a wireless extender from NETGEAR. The NETGEAR EX6120 suffers from a buffer overflow vulnerability that stems from the sub30394 function parameter host failing to properly validate the length and size of input data, which can be exploited by an attacker to execute arbitrary...
TOTOLINK LR350 安全漏洞
TOTOLINK LR350 is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK LR350 suffers from a buffer overflow vulnerability that originates from the failure of the httphost parameter in the loginAuth function to properly validate the length and size of the input data, which can be...
TOTOLINK N200RE 安全漏洞
The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK N200RE version 9.3.5u.6139B20201216, which originates from the failure of the httphost parameter of the loginAuth function of /cgi-bin/cstecgi.cgi to properly validate th...
PT-2023-13452 · Cambium · Cambium Enterprise Wi-Fi System
Name of the Vulnerable Software and Affected Versions: Cambium Enterprise Wi-Fi System Software versions prior to 6.4.2 Description: The issue is related to the lack of sanitization of the ping host argument in the device-agent of the Cambium Enterprise Wi-Fi System Software. This can potentially...