Lucene search
K

6516 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

GX Group Earth 2022 ONT 安全漏洞

GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in GX Group Earth 2022 ONT. This vulnerability stems from the web management interface transmitting user credentials via HTTP plaintext...

8.7CVSS5.5AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 4:1 p.m.13 views

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS6.3AI score0.01425EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2026/06/01 12:0 a.m.63 views

📄 Apache ActiveMQ Jolokia Remote Code Execution

This is a proof of concept security research tool that evaluates a potential authenticated remote code execution pathway through the Jolokia management interface exposed by Apache ActiveMQ. The tool authenticates to the broker, discovers configuration details, interacts with JMX operations expose...

8.8CVSS7.2AI score0.96666EPSS
Exploits13
NVD
NVD
added 2026/05/31 4:16 p.m.17 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS0.00368EPSS
Exploits0References6
CVE
CVE
added 2026/05/31 3:30 p.m.21 views

CVE-2026-10190

CVE-2026-10190 affects Tenda W12 3.0.0.7(4763). The Web Management Interface contains a vulnerable function: cgiSysWebTimeoutSet in /bin/httpd. Manipulating the argument web_over_time triggers a denial of service. The vulnerability is exploitable remotely, and public exploit code exists. The prov...

7.1CVSS6.3AI score0.00368EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/31 3:30 p.m.9 views

CVE-2026-10190 Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS5.6AI score0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/31 3:30 p.m.14 views

CVE-2026-10190

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

7.1CVSS6.3AI score0.00368EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/05/31 3:16 p.m.20 views

CVE-2026-10187

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS0.01425EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/31 2:15 p.m.12 views

EUVD-2026-33509

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS7.9AI score0.01425EPSS
Exploits1References7
CVE
CVE
added 2026/05/31 2:15 p.m.36 views

CVE-2026-10187

The CVE-2026-10187 entry concerns Totolink N300RH (firmware 6.1c.1353_B20190305). The vulnerability affects the Web Management Interface’s file wireless.so in the setWiFiBasicConfig function; manipulating the argument KeyStr triggers a stack-based buffer overflow. This enables remote code executi...

10CVSS7.9AI score0.01425EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/31 2:15 p.m.45 views

CVE-2026-10187 Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

A vulnerability was detected in Totolink N300RH 6.1c.1353B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is...

10CVSS0.01425EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.11 views

TOTOLINK N300RH 安全漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. Version 6.1c.1353B20190305 of TOTOLINK N300RH contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called “wireless.so,” where the parameter “KeyStr” ...

10CVSS7.5AI score0.01425EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.11 views

PT-2026-45201

Name of the Vulnerable Software and Affected Versions Tenda W12 version 3.0.0.74763 Description A remote denial of service issue exists within the Web Management Interface. The problem occurs in the cgiSysWebTimeoutSet function located in the /bin/httpd file. An attacker can trigger this conditio...

7.1CVSS6.6AI score0.00368EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.9 views

Tenda W12 安全漏洞

Tenda W12 is a high-performance wireless access point from the Chinese company Tenda. Version 3.0.0.74763 of Tenda W12 contains a security vulnerability. This vulnerability stems from a function in the Web Management Interface component called cgiSysWebTimeoutSet, where the parameter webovertime...

7.1CVSS6.7AI score0.00368EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.12 views

CVE-2026-9404

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS7.1AI score0.01732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.17 views

CVE-2026-9037

A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through the device's management interface. Because cryptographic signatures are not verified, an attacker with the ability to interfere with or impersonate the...

9.3CVSS6AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 6:59 p.m.13 views

EUVD-2026-33420

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
OSV
OSV
added 2026/05/29 10:33 a.m.7 views

BIT-RABBITMQ-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI

RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13...

5.6CVSS5.8AI score0.0018EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.7 views

ipmi: Add limits to event and receive message requests

...

7.5CVSS5.4AI score0.00501EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.18 views

PT-2026-44972

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108PE v5 affected versions not specified Description A stored cross-site scripting XSS issue exists in the web management interface. This occurs because the SYSNAM configuration parameter is not properly sanitized during the...

5.3CVSS5.7AI score0.00239EPSS
Exploits0References6
Rows per page
Query Builder