CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

163 matches found

RedhatCVE•added 2025/05/23 1:12 a.m.•10 views

CVE-2022-32092

D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter at ajaxexplorer.sgi...

9.8CVSS7.9AI score0.2247EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:28 a.m.•3 views

CVE-2022-48069

Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERYSTRING parameter...

7.5CVSS8AI score0.11165EPSS

Exploits1

RedhatCVE•added 2025/05/23 12:4 a.m.•6 views

CVE-2022-25084

TOTOLink T6 V5.9c.4085B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.84255EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:4 a.m.•5 views

CVE-2022-25079

TOTOLink A810R V4.1.2cu.5182B20201026 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.05664EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:4 a.m.•3 views

CVE-2022-25075

TOTOLink A3000RU V5.9c.2280B20180512 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.42094EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 12:4 a.m.•5 views

CVE-2022-25076

TOTOLink A800R V4.1.2cu.5137B20200730 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.05664EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:31 p.m.•3 views

CVE-2022-25081

TOTOLink T10 V5.9c.5061B20200511 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.05664EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:31 p.m.•4 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.7AI score0.89573EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:53 p.m.•3 views

CVE-2022-25077

TOTOLink A3100R V4.1.2cu.5050B20200504 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.51028EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:47 p.m.•4 views

CVE-2022-25083

TOTOLink A860R V4.1.2cu.5182B20201027 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.05664EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:55 p.m.•3 views

CVE-2021-45742

TOTOLINK A720R v4.1.5cu.470B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

10CVSS8.7AI score0.18709EPSS

Exploits1

CNVD•added 2025/05/07 12:0 a.m.•1 views

TOTOLINK A800R Command Injection Vulnerability (CNVD-2025-09933)

TOTOLINK A800R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A800R suffers from a command injection vulnerability that stems from the QUERYSTRING parameter in downloadFile.cgi failing to correctly filter constructed command special characters, commands, and so on. No...

6.5CVSS7.5AI score0.0236EPSS

Exploits1References1

RedhatCVE•added 2025/04/26 5:58 a.m.•5 views

CVE-2025-29044

Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERYSTRING key value...

9.8CVSS8AI score0.11491EPSS

Exploits1References1

RedhatCVE•added 2025/04/26 5:25 a.m.•6 views

CVE-2025-28017

TOTOLINK A800R V4.1.2cu.5032B20200408 is vulnerable to Command Injection in downloadFile.cgi via the QUERYSTRING parameter...

6.5CVSS7.3AI score0.0236EPSS

Exploits1References1

CNVD•added 2025/04/24 12:0 a.m.•2 views

NETGEAR R61 Buffer Overflow Vulnerability

The NETGEAR R61 is a wireless router from NETGEAR. The NETGEAR R61 suffers from a buffer overflow vulnerability that stems from improper handling of the QUERYSTRING key value, which can be exploited by an attacker to execute arbitrary code...

9.8CVSS7.4AI score0.11491EPSS

Exploits1References1

NVD•added 2025/04/23 5:16 p.m.•5 views

CVE-2025-28017

TOTOLINK A800R V4.1.2cu.5032B20200408 is vulnerable to Command Injection in downloadFile.cgi via the QUERYSTRING parameter...

6.5CVSS0.0236EPSS

Exploits1References2

CVE•added 2025/04/23 12:0 a.m.•52 views

CVE-2025-28017

CVE-2025-28017 affects TOTOLINK A800R, version 4.1.2cu.5032_B20200408, with a Command Injection vulnerability in downloadFile.cgi exploitable via QUERY_STRING. Root cause per sources: failure to properly filter constructed command characters in that parameter. Impacts include potential remote com...

6.5CVSS7.5AI score0.0236EPSS

Exploits1References2Affected Software1