13 matches found
EUVD-2025-23925
Malicious code in bioql PyPI...
CVE-2025-34150
The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges...
CVE-2025-34150 Shenzhen Aitemi M300 Wi-Fi Repeater PPPoE Username Command Injection
The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges...
CVE-2025-34150
CVE-2025-34150 affects the Shenzhen Aitemi M300 Wi‑Fi Repeater (hardware MT02). The PPPoE configuration interface is vulnerable to command injection via the 'user' parameter; input is processed unsafely during network setup, enabling attackers to run arbitrary commands with root privileges. Repor...
PT-2025-32275 · Aitemi · Aitemi M300 Wi-Fi Repeater
Name of the Vulnerable Software and Affected Versions: Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 affected versions not specified Description: The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater is vulnerable to command injection via the user parameter. Input...
CVE-2023-36841
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service DoS. An attacker who sends malformed TCP...
CVE-2023-33011
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...
CVE-2023-33011
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...
CVE-2023-33011
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...
CVE-2023-33011
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.10 through 5.36 Patch 2, USG20W-VPN series firmware versions 5.10 through 5.36 Patch 2, and VPN...
PT-2023-3606 · Zyxel · Zyxel Usg Flex Series +4
Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 5.10 through 5.36 Patch 2 Zyxel USG FLEX series versions 5.00 through 5.36 Patch 2 Zyxel USG FLEX 50W series versions 5.10 through 5.36 Patch 2 Zyxel USG20W-VPN series versions 5.10 through 5.36 Patch 2 Zyxel VPN...
Cross site request forgery (csrf)
connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request...
CVE-2017-16953
connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request...