8 matches found
EUVD-2024-53634
Malicious code in bioql PyPI...
CVE-2024-57590
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGI interface "ntpsync.cgi", which allows remote attackers to execute arbitrary commands via the parameter "ntpserver" passed to the "ntpsync.cgi" binary through a POST request...
TRENDnet TEW-632BRP Security Vulnerability
The TRENDnet TEW-632BRP is a wireless router from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-632BRP version 1.010B31. It originates from an OS command injection vulnerability in the CGI interface ntpsync.cgi, which allows remote attackers to execute arbitrary commands...
A vulnerability in the D-Link DIR-825 router firmware stems from a lack of input sanitization, allowing attackers to execute arbitrary commands.
The vulnerability in the D-Link DIR-825 router firmware is related to a lack of input sanitization. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially crafted POST request to ntpsync.cgi through the ntpserver...
A vulnerability in the ntp_sync.cgi component of the D-Link DIR-825 router firmware allows an attacker to execute arbitrary commands.
The vulnerability in the ntpsync.cgi component of the D-Link DIR-825 router firmware is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
Stack overflow
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...
CVE-2019-9122
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the ntpserver parameter in an ntpsync.cgi POST request...
CVE-2019-9122
The CVE-2019-9122 issue affects D-Link DIR-825 Rev.B firmware 2.10. An input validation flaw in the ntp_sync.cgi endpoint allows a remote attacker to pass ntp_server in a POST request to execute arbitrary commands, giving remote code execution with high impact (C/H/I/H) per CVSS 3.1. Exploitation...