Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

45 matches found

CNNVD
CNNVDadded 2026/05/13 12:0 a.m.4 views

ELECOM WRC 操作系统命令注入漏洞

ELECOM WRC is a home-use network camera produced by the Japanese company ELECOM. The ELECOM WRC has a vulnerability related to OS command injection. This vulnerability stems from an OS command injection flaw during the processing of the pingipaddr parameter, which may allow arbitrary OS commands ...

8.6CVSS7.2AI score0.00259EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/16 3:30 p.m.1 views

EUVD-2026-12218

A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /pingresponse.cgi of the component HTTP POST Request Handler. The manipulation of the argument pingipaddr results in stack-based buffer overflow. The attack may be performed from remote. The...

8.6CVSS6.5AI score0.00057EPSS
Exploits0References5
NVD
NVDadded 2026/03/16 2:19 p.m.1 views

CVE-2026-4172

A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /pingresponse.cgi of the component HTTP POST Request Handler. The manipulation of the argument pingipaddr results in stack-based buffer overflow. The attack may be performed from remote. The...

8.6CVSS0.00057EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/15 8:32 a.m.2 views

CVE-2026-4172 TRENDnet TEW-632BRP HTTP POST Request ping_response.cgi stack-based overflow

A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /pingresponse.cgi of the component HTTP POST Request Handler. The manipulation of the argument pingipaddr results in stack-based buffer overflow. The attack may be performed from remote. The...

8.6CVSS6.5AI score0.00057EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEVadded 2026/03/11 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-30425

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...

9CVSS5.8AI score0.18925EPSS
In wildExploits2References2
RedhatCVE
RedhatCVEadded 2026/02/23 7:26 a.m.3 views

CVE-2026-2910

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

9CVSS6AI score0.00154EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/02/22 2:32 a.m.5 views

CVE-2026-2910

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

9CVSS6.3AI score0.00154EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2026/02/22 2:32 a.m.7 views

CVE-2026-2910

CVE-2026-2910 affects the Tenda HG9 line, specifically versions prior to 300001139. The vulnerability resides in the file /boaform/formPing6, where manipulating the pingAddr argument triggers a stack-based overflow. It can be exploited remotely, and an exploit has been published. Remediation: upg...

9CVSS8.6AI score0.00154EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2026/02/22 2:2 a.m.10 views

CVE-2026-2909

CVE-2026-2909 affects Tenda HG9 300001138. The vulnerability exists in the Diagnostic Ping Endpoint at /boaform/formPing, where manipulating the pingAddr argument triggers a stack-based buffer overflow. It is exploitable remotely, and public exploits exist. CVSS metrics indicate high impact acros...

9CVSS6.3AI score0.00112EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/22 2:2 a.m.3 views

CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

9CVSS8.8AI score0.00112EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/02/22 2:2 a.m.22 views

CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

9CVSS0.00112EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/22 2:2 a.m.6 views

CVE-2026-2909

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

9CVSS6.3AI score0.00112EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVEadded 2025/09/05 12:34 a.m.10 views

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

5.3CVSS7.7AI score0.02694EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/09/03 12:0 a.m.7 views

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

0.02694EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/09/03 12:0 a.m.1 views

PLDT WiFi Router Prolink PGN6401V 安全漏洞

PLDT WiFi Router Prolink PGN6401V is a router from PLDT Philippines. A security vulnerability exists in PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2, which stems from insufficient cleanup of the pingAddr parameter in the ping6.asp page, which could lead to OS command injection...

5.3CVSS6.9AI score0.02694EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/09/03 12:0 a.m.3 views

PT-2025-35785

Name of the Vulnerable Software and Affected Versions: PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2 Description: An OS command injection flaw exists in the web management interface. The ping6.asp page submits user input to the /boaform/formPing6 API endpoint via the pingAddr parameter...

5.3CVSS6.9AI score0.02694EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2025/08/16 7:10 a.m.5 views

CVE-2025-8949

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

9.8CVSS7.3AI score0.00807EPSS
Exploits1References1
CVE
CVEadded 2025/08/14 7:2 a.m.18 views

CVE-2025-8949

CVE-2025-8949 concerns a stack-based buffer overflow in D-Link DIR-825 v2.10, affecting the httpd component’s ping_response.cgi function get_ping_app_stat. The vulnerability stems from unsafely handling the ping_ipaddr argument, enabling a remote attacker to overflow a stack buffer. Public disclo...

9.8CVSS7.2AI score0.00807EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2025/08/14 7:2 a.m.2 views

CVE-2025-8949 D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

8.6CVSS7.2AI score0.00807EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/06/24 12:0 a.m.2 views

5V Technologies Blue Angel Software Suite 操作系统命令注入漏洞

5V Technologies Blue Angel Software Suite is a management and control software suite deployed on embedded Linux devices from 5V Technologies, Taiwan, China. A security vulnerability exists in 5V Technologies Blue Angel Software Suite that originates from an OS command injection attack due to an...

8.8CVSS7.3AI score0.02207EPSS
Exploits1References4
Rows per page
Query Builder