CVE-2026-36827

A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection...

EUVD-2026-30954

A command injection vulnerability exists in the /cgi-bin/tools/ajaxcmd endpoint of Panabit PAP-XM320 up to and including v7.7. The CGI component allows authenticated users to execute arbitrary shell commands with root privileges via the action=runcmd parameter...

EUVD-2026-30951

A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection...

Panabit analysis of the traffic management system ten-AT command executed

No description provided by source...

System Command Injection Vulnerability in Beijing PaiNet Software Panabit System

Panabit is an application layer traffic management system based on FreeBSDLinux operating system developed by Beijing Panabit. A system command injection vulnerability exists in the Panabit system. The vulnerability allows an attacker to remotely execute system commands, resulting in information...