2571 matches found
CVE-2026-3101
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101
CVE-2026-3101 affects Intelbras TIP 635G (firmware 1.12.3.5) with a flaw in the Ping Handler that enables OS command injection. The issue can be triggered remotely and, according to the connected documents, exploits have been made public (PoC maturity noted). Vendors have not responded to disclos...
EUVD-2026-8470
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101 Intelbras TIP 635G Ping os command injection
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2026-3101 Intelbras TIP 635G Ping os command injection
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted earl...
CVE-2025-70327
TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...
Intelbras TIP 635G 操作系统命令注入漏洞
The Intelbras TIP 635G is an IP phone produced by the Brazilian company Intelbras. Version 1.12.3.5 of the Intelbras TIP 635G contains a vulnerability related to operating system command injection. This vulnerability stems from a flaw in the Ping Handler component, which may allow for OS command...
PT-2026-21763
Name of the Vulnerable Software and Affected Versions Intelbras TIP 635G version 1.12.3.5 Description A flaw exists in the Ping Handler component of the software that allows for os command injection. This can be triggered remotely. The exploit for this issue has been publicly released. The vendor...
CVE-2025-70327
TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...
CVE-2025-70327
TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...
CVE-2026-21863
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might result in the system crashing. The Valkey clusterbus packet processin...
CVE-2026-21863
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might result in the system crashing. The Valkey clusterbus packet processin...
CVE-2026-2910
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...
CVE-2025-70327
TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...
CVE-2025-70327
Affected product: TOTOLINK X5000R (v9.1.0cu_2415_B20250515). Vulnerability: In the /usr/sbin/lighttpd executable, the setDiagnosisCfg handler uses the ip parameter retrieved via websGetVar and passes it to a ping command through CsteSystem without validating inputs starting with a hyphen, enablin...
PT-2026-21551
Name of the Vulnerable Software and Affected Versions TOTOLINK X5000R version 9.1.0cu 2415 B20250515 Description The software contains an argument injection flaw in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter, obtained using websGetVar, is passed to a ping...
CVE-2025-70327
TOTOLINK X5000R v9.1.0cu2415B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen...
CVE-2026-2910
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...
CVE-2026-2910 Tenda HG9 formPing6 stack-based overflow
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...
CVE-2026-2910
CVE-2026-2910 affects the Tenda HG9 line, specifically versions prior to 300001139. The vulnerability resides in the file /boaform/formPing6, where manipulating the pingAddr argument triggers a stack-based overflow. It can be exploited remotely, and an exploit has been published. Remediation: upg...