Lucene search
K

139 matches found

NVD
NVD
added 2020/08/20 1:17 a.m.17 views

CVE-2020-17456

SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the systemlog.cgi page...

9.8CVSS9.7AI score0.70908EPSS
Exploits8References5
Prion
Prion
added 2020/08/20 1:17 a.m.23 views

Remote code execution

SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the systemlog.cgi page...

7.5CVSS9.7AI score0.70908EPSS
Exploits8References5
CVE
CVE
added 2020/08/19 6:20 p.m.256 views

CVE-2020-17456

CVE-2020-17456 affects SEOWON INTECH SLC-130 and SLR-120S routers. Unauthenticated remote code execution is possible via the ipAddr parameter to the system_log.cgi page, allowing arbitrary command execution (reported as root privileges in multiple exploit artifacts). Public exploit material exist...

9.8CVSS9.6AI score0.70908EPSS
In wildExploits8References5Affected Software1
Cvelist
Cvelist
added 2020/08/19 6:20 p.m.35 views

CVE-2020-17456

SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the systemlog.cgi page...

9.8AI score0.70908EPSS
Exploits8References5
OSV
OSV
added 2020/08/17 4:15 p.m.4 views

CVE-2020-13122

The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...

8.8CVSS7.4AI score
Exploits0References1
Snyk
Snyk
added 2020/04/17 12:0 a.m.3 views

Malicious Package

Overview activemodel-ipaddr-validator is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid usin...

8CVSS6.9AI score
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2019/06/13 12:0 a.m.1 views

VulnCheck KEV: CVE-2016-10760

On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell metacharacters in the pingipaddr parameter...

10CVSS7.3AI score0.03226EPSS
Exploits1References1
NVD
NVD
added 2018/12/30 9:29 p.m.18 views

CVE-2018-20606

imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI...

7.5CVSS7.4AI score0.02609EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/30 9:0 p.m.20 views

CVE-2018-20606

imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI...

7.4AI score0.02609EPSS
Exploits1References1
Prion
Prion
added 2018/11/27 8:29 p.m.16 views

Command injection

System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter...

10CVSS9.8AI score0.03195EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/08/03 12:0 a.m.2 views

Command execution vulnerability in Fusion K2 router at lanset settings page

The Fusion K2 PSG1218 router is a must-have new generation wireless router for entry-level users. The Fusion K2 router suffers from a command execution vulnerability at the lanset settings page. The vulnerability is due to the backend code failing to properly filter user input ipaddr, which can b...

8AI score
Exploits0
OSV
OSV
added 2018/01/12 9:29 a.m.2 views

CVE-2018-5371

diagping.cmd on D-Link DSL-2640U devices with firmware IM1.00 and ME1.00, and DSL-2540U devices with firmware ME1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request...

8.8CVSS6AI score0.41987EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/01/12 12:0 a.m.3 views

PT-2018-4009 · D Link · D-Link Dsl-2640B +1

Name of the Vulnerable Software and Affected Versions: D-Link DSL-2640U versions IM 1.00 and ME 1.00 D-Link DSL-2540U version ME 1.00 Description: The issue allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request...

9CVSS9AI score0.41987EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2017/10/17 12:0 a.m.25 views

CVE-2014-9118

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9CVSS9AI score0.53364EPSS
In wildExploits4References5
NVD
NVD
added 2015/09/21 10:59 a.m.18 views

CVE-2015-5993

Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone PLDT SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service device outage via a long ipaddr parameter...

7.8CVSS7AI score0.01553EPSS
Exploits0References1
Prion
Prion
added 2015/09/21 10:59 a.m.16 views

Buffer overflow

Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone PLDT SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service device outage via a long ipaddr parameter...

7.8CVSS7.6AI score0.01553EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/09/21 10:0 a.m.22 views

CVE-2015-5993

Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone PLDT SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service device outage via a long ipaddr parameter...

7AI score0.01553EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2013/08/30 12:0 a.m.42 views

Mac OS X 10.8.4 Local Privilege Escalation

!/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX & /dev/tcp/%s/%s 0&1 &\n" % ipaddr,port...

6.9CVSS0.3AI score0.03202EPSS
Exploits8
Metasploit
Metasploit
added 2006/01/16 2:59 a.m.42 views

Linux Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 68 include Msf::Payload::Single include Msf::Payload::Linux::X86::Prepends includ...

7.4AI score
Exploits0
Rows per page
Query Builder