8 matches found
CVE-2025-7407
A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...
CVE-2013-4096
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOSTNAME field...
CVE-2018-0618
A cross-site scripting vulnerability XSS has been discovered in mailman due to the hostname field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts...
CVE-2017-6366
Cross-site request forgery CSRF vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the hostname parameter to dnslookup.cgi. NOTE: this issue can be combined with...
CVE-2013-4096
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOSTNAME field...
Authentication flaw
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOSTNAME field...
CVE-2013-4096
ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOSTNAME field...
CVE-2011-2716
The DHCP client udhcpc in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the 1 HOSTNAME, 2 DOMAINNAME, 3 NISDOMAIN, and 4 TFTPSERVERNAME host name options...