24 matches found
CVE-2025-48890
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...
CVE-2025-48890
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...
CVE-2025-48890
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...
CVE-2025-48890
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be...
Elecom WRH-733GBK和Elecom WRH-733GWH 操作系统命令注入漏洞
The Elecom WRH-733GBK and Elecom WRH-733GWH are both portable routers from Elecom Japan. The Elecom WRH-733GBK and Elecom WRH-733GWH suffer from an operating system command injection vulnerability that stems from improper neutralization of special elements in the miniigd SOAP service, which could...
PT-2025-26696 · Unknown · Wrh-733Gbk +1
Name of the Vulnerable Software and Affected Versions: WRH-733GBK and WRH-733GWH affected versions not specified Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS Command Injection', in the miniigd SOAP service. A remote...
Realtek SDK Improper Input Validation Vulnerability
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request...
K57390658: miniigd SOAP service in Realtek SDK vulnerability CVE-2014-8361
Security Advisory Description The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request. CVE-2014-8361 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
Stack overflow
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...
Realtek SDK Miniigd AddPortMapping SOAP Action Command Injection (CVE-2014-8361)
A command injection vulnerability exists in Realtek SDK. The vulnerability is due to lack of input sanitization on user-supplied data when processing the NewInternalClient requests to the miniigd SOAP service. By sending a crafted SOAP request to the affected service, a remote unauthenticated...
Realtek SDK Miniigd UPnP SOAP Command Execution Exploit
Exploit for linux platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Realtek SDK Miniigd UPnP SOAP Command Execution', 'Description' = %q Differen...
Realtek SDK - Miniigd UPnP SOAP Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Realtek SDK Miniigd UPnP SOAP Command Execution', 'Description' = %q Different devices using the Realtek SDK with the miniigd daemon...
Realtek SDK Miniigd UPnP SOAP Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Realtek SDK Miniigd UPnP SOAP Command Execution', 'Description' = %q Different devices using the Realtek SDK with the miniigd daemon...
Realtek SDK Miniigd UPnP SOAP Command Execution
Different devices using the Realtek SDK with the miniigd daemon are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This module has been tested successfully on a Trendnet TEW-731BR...
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...
Design/Logic Flaw
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...
VulnCheck KEV: CVE-2014-8361
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request...
CVE-2014-8361
CVE-2014-8361 affects Realtek SDK’s miniigd UPnP SOAP service. The root cause is improper input validation in the NewInternalClient handling, enabling a remote attacker to execute arbitrary code. The description notes exploitation in the wild through 2023. Related sources indicate this vulnerabil...
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...