287 matches found
CVE-2026-49188
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
CVE-2026-49188
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
CVE-2026-49188
CVE-2026-49188 affects a component where the ai_cmd utility runs with root privileges and pipes socket inputs directly to popen(), enabling unauthenticated users to execute arbitrary root commands. The available sources explicitly state elevated root command execution via ai_cmd sockets, with CVS...
CVE-2026-49188
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
EUVD-2026-34205
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
CVE-2026-49188 Elevated Root Command Execution via ai_cmd Sockets
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
CVE-2026-49188 Elevated Root Command Execution via ai_cmd Sockets
The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
Acer M6E 安全漏洞
The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability. This vulnerability stems from the aicmd tool executing with full root access, and it involves direct passing of socket inputs to popen, which may allow...
PT-2026-46145
The ai cmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...
CVE-2026-44713
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell command passed to popen. Because the value is placed insi...
CVE-2026-44713
Pam_usb vulnerability: in versions prior to 0.8.7, src/tmux.c reads the TMUX environment variable, splits on commas, and interpolates the socket-path directly into a shell command passed to popen(), placing the value inside double quotes without sanitisation. This allows an attacker-controlled va...
pam_usb 安全漏洞
pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contain security vulnerabilities. These vulnerabilities stem from the code in src/tmux.c, which reads the user’s $TMUX environment variable and insert...
EUVD-2026-27394
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...
CVE-2026-7865
The CVE-2026-7865 entry describes a vulnerability in Crestron devices where a hidden console command can be exploited to perform command injection by passing control characters to the second argument of a popen call. Affected software is the Crestron SSH console exposed on eligible devices; the u...
CVE-2026-7865 Hidden Console Command
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...
CVE-2026-7865
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...
CVE-2026-7865 Hidden Console Command
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...
PT-2026-37084
Name of the Vulnerable Software and Affected Versions Crestron devices affected versions not specified Description A hidden console command contains a command injection flaw occurring when control characters are passed to its second argument. This issue exists in the way the console command is...
CVE-2026-41923
WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...
CVE-2026-41923
WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...