Lucene search
+L

6553 matches found

Cvelist
Cvelist
added 2026/06/04 12:4 p.m.41 views

CVE-2026-45431 Command Injection Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:4 p.m.10 views

CVE-2026-45431 Command Injection Vulnerability in GX Earth ONT Models

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

8.7CVSS6.5AI score0.00388EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 7:16 a.m.14 views

CVE-2026-49203

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

8.3CVSS0.00168EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.21 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.8AI score0.00547EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.39 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

0.00547EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.7 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

5.5AI score0.00547EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.13 views

GX Group Earth 2022 ONT 安全漏洞

GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in GX Group Earth 2022 ONT. This vulnerability stems from the web management interface transmitting user credentials via HTTP plaintext...

8.7CVSS5.5AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:0 a.m.31 views

CVE-2026-35904

CVE-2026-35904 affects T3 Technology CPE models: T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03. The issue is incorrect access control in the device web management CGI component, allowing unauthenticated attackers to enable Telnet via a crafted request. Public exploit/poC exists (GitHub advis...

9.8CVSS5.8AI score0.00547EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.16 views

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS6.3AI score0.01425EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2026/06/01 12:0 a.m.67 views

📄 Apache ActiveMQ Jolokia Remote Code Execution

This is a proof of concept security research tool that evaluates a potential authenticated remote code execution pathway through the Jolokia management interface exposed by Apache ActiveMQ. The tool authenticates to the broker, discovers configuration details, interacts with JMX operations expose...

8.8CVSS7.2AI score0.96666EPSS
Exploits14
NVD
NVD
added 2026/05/31 4:16 p.m.19 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/31 3:30 p.m.14 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS6.3AI score0.00368EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/31 3:30 p.m.22 views

CVE-2026-10190

CVE-2026-10190 affects Tenda W12 3.0.0.7(4763). The Web Management Interface contains a vulnerable function: cgiSysWebTimeoutSet in /bin/httpd. Manipulating the argument web_over_time triggers a denial of service. The vulnerability is exploitable remotely, and public exploit code exists. The prov...

7.1CVSS6.3AI score0.00368EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/31 3:30 p.m.9 views

CVE-2026-10190 Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS5.6AI score0.00368EPSS
Exploits0References6
NVD
NVD
added 2026/05/31 3:16 p.m.22 views

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS0.01425EPSS
Exploits1References7
CVE
CVE
added 2026/05/31 2:15 p.m.38 views

CVE-2026-10187

The CVE-2026-10187 entry concerns Totolink N300RH (firmware 6.1c.1353_B20190305). The vulnerability affects the Web Management Interface’s file wireless.so in the setWiFiBasicConfig function; manipulating the argument KeyStr triggers a stack-based buffer overflow. This enables remote code executi...

10CVSS7.9AI score0.01425EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/31 2:15 p.m.13 views

EUVD-2026-33509

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS7.9AI score0.01425EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/31 2:15 p.m.50 views

CVE-2026-10187 Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS0.01425EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.10 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called cgiSysWebTimeoutSet, where the parameter webovertime...

7.1CVSS6.7AI score0.00368EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.12 views

TOTOLINK N300RH 安全漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. Version 6.1c.1353B20190305 of TOTOLINK N300RH contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called “wireless.so,” where the parameter “KeyStr” ...

10CVSS7.5AI score0.01425EPSS
Exploits1References7
Rows per page
Query Builder