EUVD-2024-53634

Malicious code in bioql PyPI...

CVE-2024-57590

TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl interface "ntpsync.cgi",which allows remote attackers to execute arbitrary commands via parameter "ntpserver" passed to the "ntpsync.cgi" binary through a POST request...

TRENDnet TEW-632BRP 安全漏洞

The TRENDnet TEW-632BRP is a wireless router from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-632BRP version 1.010B31, which originates from an OS command injection vulnerability in the CGl interface ntpsync.cgi, which allows remote attackers to execute arbitrary commands...

Stack overflow

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

CVE-2019-9122

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntpserver parameter in an ntpsync.cgi POST request...

CVE-2019-9122

The CVE-2019-9122 issue affects D-Link DIR-825 Rev.B firmware 2.10. An input validation flaw in the ntp_sync.cgi endpoint allows a remote attacker to pass ntp_server in a POST request to execute arbitrary commands, giving remote code execution with high impact (C/H/I/H) per CVSS 3.1. Exploitation...