Lucene search
K

3887 matches found

NVD
NVD
added 2026/06/22 12:16 a.m.10 views

CVE-2026-12815

A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in an...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 11:0 p.m.34 views

CVE-2026-12815 coollabsio coolify Image Name os command injection

A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in an...

6.5CVSS0.01158EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 11:0 p.m.7 views

CVE-2026-12815

A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in an...

6.5CVSS5.5AI score0.01158EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/21 10:45 p.m.6 views

CVE-2026-12814

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/06/21 10:16 p.m.13 views

CVE-2026-12809

A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz5in1redirect of the file /goform/wiz5in1redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 9:45 p.m.21 views

CVE-2026-12810 Edimax BR-6478AC V2 POST Request mp command injection

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 9:30 p.m.18 views

CVE-2026-12809 Edimax BR-6478AC V2 POST Request wiz_5in1_redirect command injection

A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz5in1redirect of the file /goform/wiz5in1redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is...

6.5CVSS0.01158EPSS
Exploits0References5
CVE
CVE
added 2026/06/21 9:30 p.m.19 views

CVE-2026-12809

Edimax BR-6478AC V2 firmware 1.23 is affected by a command injection in the POST Request Handler, specifically in wiz_5in1_redirect (/goform/wiz_5in1_redirect) where manipulation of the newpass argument enables remote code execution. Attack vector is network-based and requires no user interaction...

6.5CVSS6.5AI score0.01158EPSS
Exploits0References5
NVD
NVD
added 2026/06/21 9:16 p.m.9 views

CVE-2026-12808

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicl...

6.5CVSS0.01182EPSS
Exploits0References5
NVD
NVD
added 2026/06/21 9:16 p.m.12 views

CVE-2026-12807

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS0.01182EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 8:45 p.m.5 views

CVE-2026-12808

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicl...

6.5CVSS5.7AI score0.01182EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/21 8:45 p.m.20 views

CVE-2026-12808 Edimax BR-6478AC V2 POST Request stainfo command injection

A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicl...

6.5CVSS0.01182EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/21 7:45 p.m.6 views

CVE-2026-12807

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS6.4AI score0.01182EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/21 7:45 p.m.19 views

CVE-2026-12807

The CVE affects Edimax BR-6478AC V2, version 1.23, where the vulnerable component is the POST Request Handler function setWAN (file /goform/setWAN). Maliciously crafted values for pppUserName, pptpUserName, or L2TPUserName enable command injection, allowing a remote attacker to execute commands. ...

6.5CVSS6.4AI score0.01182EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.13 views

PT-2026-51262

A vulnerability has been found in coollabsio coolify 4.0.0. Impacted is an unknown function of the component Image Name Handler. Such manipulation leads to os command injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in an...

6.5CVSS6.2AI score0.01158EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.18 views

PT-2026-51261

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description A remote OS command injection flaw exists in the API Endpoint component. The issue occurs within the system function of the '/cgi-bin/mbox-config?section=ping config' endpoint when th...

6.5CVSS6.9AI score0.01182EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.17 views

PT-2026-51254

Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V2 version 1.23 Description Command injection can be triggered remotely via the POST Request Handler component. The issue exists within the setWAN function located in the '/goform/setWAN' endpoint. Manipulation of the...

6.5CVSS6.9AI score0.01182EPSS
Exploits0References12
Microsoft CVE
Microsoft CVE
added 2026/06/18 2:0 p.m.10 views

Microsoft Copilot Tampering Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...

7.5CVSS5.9AI score0.00399EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/18 12:0 a.m.18 views

CVE-2026-38715

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a command injection vulnerability in the log viewing function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input...

0.01316EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 12:0 a.m.23 views

CVE-2026-38714

CVE-2026-38714 affects InHand Networks IR912 and IR915 devices (firmware v1.0.0.r20042 and earlier). A command-injection flaw exists in the Python configuration function, allowing remote attackers to execute arbitrary commands as root via a crafted input. Documents do not specify exploited vector...

9.8CVSS6AI score0.01316EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder