EUVD-2025-16629

Malicious code in bioql PyPI...

EUVD-2022-31531

Malicious code in bioql PyPI...

CVE-2025-5440

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument...

CVE-2025-5440

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument...

CVE-2025-5440

A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument...

CVE-2025-5440

CVE-2025-5440 affects Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 (firmware variants 1.0.013.001–1.2.07.001). The NTP endpoint at /goform/NTP accepts parameters manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select that enable OS com...

PT-2025-23489 · Linksys · Linksys Re9000 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A critical vulnerability has been found in the Linksys RE-series range extenders. This affects the NTP function of the file...

CVE-2023-46540

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formNtp...

Linux Distros Unpatched Vulnerability : CVE-2015-7702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This...

Zyxel NBG6604 Command Injection Vulnerability (CNVD-2023-64085)

The Zyxel NBG6604 is a dual-band wireless router from China's Hopkins Zyxel. The Zyxel NBG6604 V1.01ABIR.1C0 suffers from a command injection vulnerability that stems from a failure to properly filter constructed command special characters, commands, etc. in the NTP function. An attacker can...

Linksys WUMC710 操作系统命令注入漏洞

The Linksys WUMC710 is a universal media connector from Linksys USA. A command injection vulnerability exists in the Linksys WUMC710 Wireless-AC Universal Media Connector version 1.0.02 build3 and prior versions. The vulnerability stems from the dosetNTP function in the httpd binary that uses...

Multiple ARRIS Product Command Injection Vulnerabilities (CNVD-2022-68534)

ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS USA. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the TimeZone parameter in the ntp function failing to properly filter the construct command special characters, commands,...

CVE-2022-26991

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

Command injection

Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...