CVE-2018-4065

An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

EUVD-2018-13803

Malware in sbrugna...

EUVD-2024-22160

Malicious code in bioql PyPI...

CVE-2025-42907

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...

PT-2025-39106

Name of the Vulnerable Software and Affected Versions SAP BI Platform affected versions not specified Description An attacker can modify the IP address within the LogonToken associated with OpenDoc. Accessing the modified link in a web browser may redirect a ping request to a different server. Th...

CVE-2024-24782

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

Design/Logic Flaw

An unauthenticated attacker can send a ping request from one network to another through an error in the origin verification even though the ports are separated by VLAN...

CVE-2024-24782

CVE-2024-24782 describes an access control/origin verification error that allows an unauthenticated attacker to send a ping between isolated networks (across VLAN-segregated ports). Affected products in the connected data include HIMA Paul Hildebrandt F Series and X Series, with the underlying is...

GHSA-PPJG-V974-84CM Go-Ethereum vulnerable to denial of service via malicious p2p message

Impact A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. Details The p2p handler spawned a new goroutine to respond to ping requests. By flooding a node with ping requests, an unbounded number of goroutin...

UBUNTU-CVE-2018-25022

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

Design/Logic Flaw

The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address when knowing only their Tox Id by positioning themselves close to target's Tox Id in the DHT for the target to establish an onion...

CVE-2018-25022

The CVE-2018-25022 entry concerns the Onion module in toxcore before 0.2.2, where the Onion module does not restrict which packets can be onion-routed. This allows a remote attacker to discover a target user’s IP address (given only the Tox Id) by manipulating DHT proximity to cause an onion conn...

CVE-2018-4065

An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the...

Cross site scripting

An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the...

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

Command injection

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

CVE-2018-10562

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

CVE-2018-10562

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it’s quite simple to...

D-Link DIR-615 'PING' and 'Send Email' Buffer Overflow Vulnerability

The D-Link DIR-615 is a wireless router product from AUO. A buffer overflow vulnerability exists in the D-Link DIR-615 'PING' and 'Send Email', which allows remote attackers to exploit the vulnerability to submit a special request to crash the service...