102 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...
CVE-2026-4840
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
EUVD-2026-16108
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
CVE-2026-4840
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
CVE-2026-4840 Netcore Power 15AX Diagnostic Tool netis.cgi setTools os command injection
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
CVE-2026-4840
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
CVE-2026-4840 Netcore Power 15AX Diagnostic Tool netis.cgi setTools os command injection
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
CVE-2026-4840
CVE-2026-4840 affects Netcore Power 15AX up to 3.0.0.6938, specifically the Diagnostic Tool Interface’s /bin/netis.cgi function setTools. The issue arises from manipulating the IpAddr argument, enabling an OS command injection. Remote exploitation is possible, and the exploit has been released pu...
PT-2026-28204
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...
Netcore Power 15AX 操作系统命令注入漏洞
Netcore Power 15AX is a wireless router device produced by Netcore Corporation. Versions of Netcore Power 15AX starting with 3.0.0.6938 and earlier have a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter IpAddr in the...
VulnCheck KEV: CVE-2025-34117
A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can se...
CVE-2020-37093
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37093 Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37093 Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak
Netis E1+ 1.2.32533 contains an information disclosure vulnerability that allows unauthenticated attackers to retrieve WiFi passwords through the netcoreget.cgi endpoint. Attackers can send a GET request to the endpoint to extract sensitive network credentials including SSID and WiFi passwords in...
CVE-2020-37093
Netis E1+ 1.2.32533 is affected by an information-disclosure vulnerability exposed via the netcore_get.cgi endpoint. An unauthenticated attacker can issue a GET request to netcore_get.cgi and retrieve sensitive wireless credentials, including SSID and WiFi passwords, in plain text. The issue is s...
PT-2026-5843
Name of the Vulnerable Software and Affected Versions Netis E1+ version 1.2.32533 Description An information disclosure issue exists that allows unauthenticated attackers to retrieve WiFi passwords. Attackers can send a GET request to the ''netcore get.cgi'' endpoint to extract sensitive network...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989892)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989892 advisory. In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip6mrfreetable on failure path ip6mrfreetable can only be...
USN-7835-2 linux-realtime, linux-realtime-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
EUVD-2018-13829
Malware in sbrugna...