59 matches found
EUVD-2009-4336
Malware in sbrugna...
EUVD-2023-58546
Malicious code in bioql PyPI...
EUVD-2023-28537
Malicious code in bioql PyPI...
OESA-2025-1952 iputils security update
The iputils package contains basic utilities for monitoring a network, including ping. The ping command sends a series of ICMP protocol ECHOREQUEST packets to a specified network host to discover whether the target machine is alive and receiving network traffic. Security Fixes: ping in iputils...
CVE-2023-24519
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2025-32469
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.5, RUGGEDCOM ROX MX5000RE All versions V2.16.5, RUGGEDCOM ROX RX1400 All versions V2.16.5, RUGGEDCOM ROX RX1500 All versions V2.16.5, RUGGEDCOM ROX RX1501 All versions V2.16.5, RUGGEDCOM ROX RX1510 All versions V2.16.5...
CVE-2022-48580
A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
VulnCheck KEV: CVE-2021-42912
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands...
CVE-2023-6304
A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...
CVE-2023-6304
A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...
Command injection
A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...
CVE-2023-6304
CVE-2023-6304 affects Tecno 4G Portable WiFi TR118 (TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830). The Ping Tool component’s /goform/goform_get_cmd_process exposes the url argument to OS command injection, allowing remote exploitation. Multiple sources indicate the vulnerability can be triggered...
CVE-2023-6304 Tecno 4G Portable WiFi TR118 Ping Tool goform_get_cmd_process os command injection
A vulnerability was found in Tecno 4G Portable WiFi TR118 TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830. It has been declared as critical. This vulnerability affects unknown code of the file /goform/goformgetcmdprocess of the component Ping Tool. The manipulation of the argument url leads to os...
PT-2023-32604 · Tecno · Tecno 4G Portable Wifi Tr118
Name of the Vulnerable Software and Affected Versions: Tecno 4G Portable WiFi TR118 version TR118-M30E-RR-D-EnFrArSwHaPo-OP-V008-20220830 Description: A critical issue has been identified, affecting the Ping Tool component, specifically the /goform/goform get cmd process file. The url argument is...
CVE-2022-48580
A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
CVE-2023-4203
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
CVE-2023-4203
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
Cross site scripting
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
CVE-2023-4203 Stored Cross-Site Scripting
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a Stored Cross-Site Scripting vulnerability, which can be triggered by authenticated users in the ping tool of the web-interface...
CVE-2023-4203
CVE-2023-4203 affects Advantech EKI-1521/1522/1524 device servers up to version 1.21 (and related 1.24 line) with a stored XSS in the web-interface ping tool, exploitable by authenticated users. The issue is documented across multiple sources (NVD, Red Hat, CISA/ICS advisory, and PacketStorm) and...