CVE-2026-36741

CVE-2026-36741 affects U-SPEED AC1200 Gigabit Wi-Fi Router, Model T18-21K, V1.0. Root cause is improper sanitization of user input in the NTP configuration interface, enabling authenticated users with NTP config permissions to inject arbitrary system commands. Commands execute with elevated privi...

EUVD-2025-9519

Malicious code in bioql PyPI...

CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...

CVE-2025-0415

A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for...

CVE-2025-0415

A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for...

CVE-2025-0415 Command Injection in NTP Setting

A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for...

CVE-2025-0415

CVE-2025-0415 is a remote command-injection vulnerability in MOXA device web interfaces via NTP settings. The issue allows a web-admin to execute arbitrary system commands, potentially causing the device to enter an infinite reboot loop and disrupt connectivity for downstream systems. The CVSS ba...

CVE-2025-0415 Command Injection in NTP Setting

A remote attacker with web administrator privileges can exploit the device’s web interface to execute arbitrary system commands through the NTP settings. Successful exploitation may result in the device entering an infinite reboot loop, leading to a total or partial denial of connectivity for...

PT-2024-26443 · Anpviz · Anpviz

Name of the Vulnerable Software and Affected Versions: Anpviz products versions 3.2.2.2 and lower Description: The issue allows unauthenticated users to modify or disable camera-related settings, including microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects...

CVE-2023-34275

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the...

QNAP VioStor NVR

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : QNAP Equipment : VioStor NVR Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability...

CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...