CVE-2023-36103

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request...

CVE-2024-43386

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAILNOTIFICATION.TO in mGuard devices...

The vulnerability of the microprogramming software of Mitel telephones of models 6800, 6900, 6970, and 6900w lies in the fact that it allows for the insertion or modification of arguments, enabling a perpetrator to execute arbitrary commands.

The vulnerability of the microprogramming software in SIP phones of the Mitel series 6800, 6900, 6970, and 6900w is related to the implementation or modification of arguments. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

PT-2024-30546 · Mguard · Mguard

Name of the Vulnerable Software and Affected Versions: mGuard devices affected versions not specified Description: A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due to improper neutralization of special elements in the variable EMAIL NOTIFICATION.TO...

CVE-2024-44335

D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution RCE via versionupgrade.asp...

CVE-2024-44334

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of upgradefilter.asp...

CVE-2024-44333

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution. An attacker can achieve arbitrary command execution by sending a carefully crafted malicious...

PT-2024-32391 · Dataease +1 · Dataease +1

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 1.18.25 Description: DataEase is an open source data visualization analysis tool. The PostgreSQL data source function allows customization of JDBC connection parameters and the PG server target. However, the...

D-Link多款产品 安全漏洞

D-Link DI-7003G and others are a wireless router from China-based AUO D-Link. A security vulnerability exists in various D-Link products. An attacker exploiting the vulnerability can remotely execute commands. The following products and versions are affected: D-Link DI-7003G v19.12.24A1, DI-7003G...

Vulnerability of QTS and QuTS operating systems, as well as Qnap network devices, arises from the lack of measures taken to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary commands.

The vulnerability of QTS and QuTS operating systems, as well as Qnap network devices, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVE-2024-44334

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of upgradefilter.asp...

CVE-2024-44335

Affected devices: D-Link DI-7003G (v19.12.24A1), DI-7003GV2 (v24.04.18D1), DI-7100G+V2 (v24.04.18D1), DI-7100GV2 (v24.04.18D1), DI-7200GV2 (v24.04.18E1), DI-7300G+V2 (v24.04.18D1), and DI-7400G+V2 (v24.04.18D1). RedHat and NVD descriptions confirm a Remote Command Execution (RCE) vulnerability vi...

CVE-2024-44335

D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution RCE via versionupgrade.asp...

PT-2024-6438 · D Link · Di-7200Gv2 +4

Name of the Vulnerable Software and Affected Versions: D-Link DI-7003GV2 version 24.04.18D1 D-Link DI-7100G+V2 version 24.04.18D1 D-Link DI-7100GV2 version 24.04.18D1 D-Link DI-7200GV2 version 24.04.18E1 D-Link DI-7300G+V2 version 24.04.18D1 D-Link DI-7400G+V2 version 24.04.18D1 Description: The...

CVE-2024-44333

CVE-2024-44333 affects multiple D-Link routers (DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, DI-7400G+V2). The issue is a Remote Command Execution in the CGI handling usb_paswd.asp, caused by insufficient input handling in that function. An attacker can send a crafted string to e...

CVE-2024-44333

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution. An attacker can achieve arbitrary command execution by sending a carefully crafted malicious...

PT-2024-6519 · D Link · Di-7200Gv2 +5

Name of the Vulnerable Software and Affected Versions: D-Link DI-7003G version 19.12.24A1 D-Link DI-7003GV2 version 24.04.18D1 D-Link DI-7100G+V2 version 24.04.18D1 D-Link DI-7100GV2 version 24.04.18D1 D-Link DI-7200GV2 version 24.04.18E1 D-Link DI-7300G+V2 version 24.04.18D1 D-Link DI-7400G+V2...

PT-2024-6387 · Zyxel · Zyxel Nas326 +1

Name of the Vulnerable Software and Affected Versions: Zyxel NAS326 versions through V5.21AAZF.18C0 Zyxel NAS542 versions through V5.21ABAG.15C0 Description: A command injection vulnerability in the export-cgi program of Zyxel NAS326 and NAS542 firmware could allow an unauthenticated attacker to...

CVE-2024-44334

CVE-2024-44334 affects D-Link DI-7003GV2, DI-7100G+V2, DI-7100GV2, DI-7200GV2, DI-7300G+V2, and DI-7400G+V2 with firmware 24.04.18D1/D1/E1. Root cause: insufficient parameter filtering in the CGI upgrade_filter.asp function allowing Remote Command Execution. Impact: high (Remote Command Execution...

PT-2024-6518 · D Link · Di-7200Gv2 +4

Name of the Vulnerable Software and Affected Versions: D-Link DI-7003GV2 version 24.04.18D1 D-Link DI-7100G+V2 version 24.04.18D1 D-Link DI-7100GV2 version 24.04.18D1 D-Link DI-7200GV2 version 24.04.18E1 D-Link DI-7300G+V2 version 24.04.18D1 D-Link DI-7400G+V2 version 24.04.18D1 Description: The...