Lucene search
K

54821 matches found

Vulnrichment
Vulnrichment
added 2025/12/11 9:36 p.m.4 views

CVE-2024-58294 FreePBX 16 Authenticated Remote Code Execution via API Module

FreePBX 16 contains an authenticated remote code execution vulnerability in the API module that allows attackers with valid session credentials to execute arbitrary commands. Attackers can exploit the 'generatedocs' endpoint by crafting malicious POST requests with bash command injection to...

8.7CVSS8.6AI score0.03118EPSS
Exploits1References4
CVE
CVE
added 2025/12/11 9:36 p.m.12 views

CVE-2024-58294

CVE-2024-58294 affects FreePBX 16. An authenticated remote code execution vulnerability exists in the API module, exploitable by crafting malicious POST requests to the generatedocs endpoint with bash command injection to gain remote shell access. This is documented across multiple sources (NVD, ...

8.8CVSS8.6AI score0.03118EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202717

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02244EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202722

OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP3.01B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

7.3AI score0.01451EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202719

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02666EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202729

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02486EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 9:31 p.m.4 views

EUVD-2025-202734

OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

7.3AI score0.02244EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 9:31 p.m.5 views

EUVD-2025-202736

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.3AI score0.02486EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 8:2 p.m.6 views

EUVD-2025-202874

A security flaw has been discovered in code-projects Class and Exam Timetable Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument username/password results in sql injection. The attack may be...

7.5CVSS6.5AI score0.00547EPSS
Exploits1References8
NVD
NVD
added 2025/12/11 7:15 p.m.6 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleupdate in file /usr/local/lua/devconfig/acesw.lua...

8.8CVSS0.01809EPSS
Exploits1References2
OSV
OSV
added 2025/12/11 7:15 p.m.7 views

CVE-2025-56130

OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH3.01B11P230 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleupdate in file /usr/local/lua/devconfig/acesw.lua...

8.8CVSS6.1AI score0.01809EPSS
Exploits1References2
OSV
OSV
added 2025/12/11 7:15 p.m.5 views

CVE-2025-56120

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

8.8CVSS6.1AI score0.02308EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.3 views

CVE-2025-56114

OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

8.8CVSS6.1AI score0.02244EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.4 views

CVE-2025-56124

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

7.8CVSS6AI score0.01135EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.4 views

CVE-2025-56118

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

8.8CVSS6.1AI score0.02244EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.3 views

CVE-2025-56117

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

8.8CVSS6.1AI score0.02666EPSS
Exploits1References3
NVD
NVD
added 2025/12/11 7:15 p.m.4 views

CVE-2025-56118

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

8.8CVSS0.02244EPSS
Exploits1References3
NVD
NVD
added 2025/12/11 7:15 p.m.8 views

CVE-2025-56113

OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP3.01B11P280YST250F V1.xxV2.xx allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

8.8CVSS0.01451EPSS
Exploits0References3
OSV
OSV
added 2025/12/11 7:15 p.m.4 views

CVE-2025-56106

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

8.8CVSS6.1AI score0.02486EPSS
Exploits1References3
OSV
OSV
added 2025/12/11 7:15 p.m.3 views

CVE-2025-56108

OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V109241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...

8.8CVSS6.1AI score0.02324EPSS
Exploits1References3
Rows per page
Query Builder