Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

Positive Technologies
Positive Technologiesadded 2026/04/02 12:0 a.m.2 views

PT-2026-29756

Name of the Vulnerable Software and Affected Versions Endian Firewall versions 3.3.25 and prior Description Endian Firewall versions 3.3.25 and earlier allow authenticated users to execute arbitrary OS commands through the DATE parameter in the '/cgi-bin/logs openvpn.cgi' endpoint. The DATE...

8.8CVSS6.1AI score0.00122EPSS
Exploits0References7
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-38344

Malicious code in bioql PyPI...

9.1CVSS8.6AI score0.00353EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 6:22 a.m.5 views

CVE-2024-50998

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpnserviceport and openvpnserviceporttun parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS7.7AI score0.00238EPSS
Exploits0References1
CNVD
CNVDadded 2025/01/17 12:0 a.m.5 views

WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-09257)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopeninterface parameter failing to correctly filter constructed command special...

9.1CVSS7.4AI score0.00353EPSS
Exploits1References1
CNVD
CNVDadded 2025/01/17 12:0 a.m.4 views

WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-09258)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's openport parameter failing to correctly filter constructed command special characters,...

9.1CVSS7.4AI score0.00353EPSS
Exploits1References1
CNVD
CNVDadded 2025/01/17 12:0 a.m.6 views

WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-09259)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopenprotocol parameter failing to correctly filter constructed command special...

9.1CVSS7.4AI score0.00353EPSS
Exploits1References1
OSV
OSVadded 2025/01/14 3:15 p.m.1 views

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS6AI score
Exploits0References2
NVD
NVDadded 2025/01/14 3:15 p.m.5 views

CVE-2024-39800

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

9.1CVSS0.00353EPSS
Exploits1References2
NVD
NVDadded 2025/01/14 3:15 p.m.5 views

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

9.1CVSS0.00353EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/01/14 2:21 p.m.13 views

CVE-2024-39800

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

9.1CVSS0.00353EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/01/14 2:21 p.m.4 views

CVE-2024-38666

An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7AI score0.0585EPSS
Exploits1References1
Talos
Talosadded 2025/01/14 12:0 a.m.19 views

Wavlink AC3000 openvpn.cgi openvpn_server_setup() Configuration Control Vulnerabilities

Talos Vulnerability Report TALOS-2024-2050 Wavlink AC3000 openvpn.cgi openvpnserversetup Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39798,CVE-2024-39800,CVE-2024-39799 SUMMARY Multiple external config control vulnerabilities exists in the openvpn.cgi...

9.1CVSS7.7AI score0.00353EPSS
Exploits3
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.0 views

WAVLINK AC3000 安全漏洞

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopeninterface parameter failing to correctly filter constructed command special...

9.1CVSS7.5AI score0.00353EPSS
Exploits1References2
CNVD
CNVDadded 2024/11/07 12:0 a.m.5 views

NETGEAR R8500 openvpn.cgi component buffer overflow vulnerability

The NETGEAR R8500 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the NETGEAR R8500 v1.0.2.160, which originates from the openvpnserviceport and openvpnserviceporttun parameters in the openvpn.cgi component failing to correctly validate the length and size of the inpu...

5.7CVSS8.3AI score0.00238EPSS
Exploits0References1
OSV
OSVadded 2024/11/05 3:15 p.m.0 views

CVE-2024-50998

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpnserviceport and openvpnserviceporttun parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2024/11/05 3:15 p.m.14 views

CVE-2024-50998

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpnserviceport and openvpnserviceporttun parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

5.7CVSS0.00238EPSS
Exploits0References2
CVE
CVEadded 2024/11/05 12:0 a.m.47 views

CVE-2024-50998

Netgear R8500 v1.0.2.160 is affected by CVE-2024-50998 due to multiple stack overflow vulnerabilities in the openvpn.cgi component. The openvpn_service_port and openvpn_service_port_tun parameters can trigger a buffer/stack overflow, leading to a Denial of Service (DoS) and, in some sources, pote...

5.7CVSS7.4AI score0.00238EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/11/05 12:0 a.m.11 views

CVE-2024-50998

Netgear R8500 v1.0.2.160 was discovered to contain multiple stack overflow vulnerabilities in the component openvpn.cgi via the openvpnserviceport and openvpnserviceporttun parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted POST request...

7.8AI score0.00238EPSS
Exploits0References2
Rows per page
Query Builder