15280 matches found
CVE-2023-24333
A stack overflow vulnerability in Tenda AC21 with firmware version USAC21V1.0reV16.03.08.15cnTDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi...
CVE-2023-24331
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816A2v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter...
Exploit for Path Traversal in Connectwise Screenconnect
CVE-2024-1708 and CVE-2024-1709 A Proof of Concept developed...
PT-2024-7144 · NetGear · Netgear Ex3700 +2
Name of the Vulnerable Software and Affected Versions: Netgear EX6120 version 1.0.0.68 Netgear EX6100 version 1.0.2.28 Netgear EX3700 version 1.0.0.96 Description: The issue is related to a command injection flaw in the operating mode.cgi script of Netgear EX Series Wi-Fi Extenders. This flaw is...
D-Link DIR882 Security Vulnerability
The D-Link DIR882 is a dual-band wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR882 DIR882A1FW130B06 firmware version, which originated from a vulnerability that allows attackers to run arbitrary commands via /HNAP1/ using a crafted POST request...
PT-2024-7222 · NetGear · Netgear Ex3700
Name of the Vulnerable Software and Affected Versions: Netgear EX3700 versions prior to 1.0.0.98 Description: The issue is related to a lack of input sanitization in the operating mode.cgi script of the NETGEAR EX3700 router's firmware. This can be exploited by a remote attacker to execute...
PT-2024-7220 · NetGear · Netgear Xr1000
Name of the Vulnerable Software and Affected Versions: Netgear XR1000 version 1.0.0.64 Description: The issue is related to a lack of input sanitization in the usb remote smb conf.cgi script of the NETGEAR XR1000 Wi-Fi router's firmware. This can be exploited by a remote attacker to execute...
ELECOM wireless LAN routers security vulnerability
ELECOM wireless LAN routers are a series of routers from ELECOM Japan. A security vulnerability exists in ELECOM wireless LAN routers. An attacker could exploit the vulnerability to execute arbitrary operating system commands by sending specially crafted requests. The following products and...
Torrentpier Code Issue Vulnerability
Torrentpier TorrentPier is a bull-driven BitTorrent public/private tracker engine from Torrentpier Inc. A code issue vulnerability exists in Torrentpier version 2.4.1, which stems from the presence of a deserialization vulnerability that allows an attacker to execute arbitrary commands on the...
PT-2024-1946 · Commend · Commend Ws203Vicm
Name of the Vulnerable Software and Affected Versions: Commend WS203VICM affected versions not specified Description: The issue is related to insufficient access control in the Commend WS203VICM IP station's firmware. A remote attacker may be able to bypass access control by creating a malicious...
The vulnerability of the microprogrammed control units Saho ADM100 and ADM-100FP lies in the possibility of unrestricted upload of dangerous files, allowing an intruder to execute arbitrary commands.
The vulnerability of the microprogrammed control units Saho ADM100 and ADM-100FP lies in the ability to download files of a malicious nature without limitation. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely by introducing specially crafted files...
The vulnerability of the log management function of the email audit platform MailSherlock allows a perpetrator to execute arbitrary commands.
The vulnerability of the log management function of the email audit platform MailSherlock is related to the lack of data cleaning measures at the administrative level. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary commands...
Kafka UI 0.7.1 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.', 'Description' = %q A command injection vulnerability exists in...
Amazon Linux 2 : atril (ALASMATE-DESKTOP1.X-2024-006)
The version of atril installed on the remote host is prior to 1.20.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2024-006 advisory. Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and...
A vulnerability in the uHTTPd web server in the firmware of the TP-Link ER7206 Omada VPN router allows an attacker to execute arbitrary commands.
The vulnerability of the uHTTPd web server of the TP-Link ER7206 Omada wireless router exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through ports 80/443 remotely...
A vulnerability in the PPTP protocol implementation in the firmware of the TP-Link ER7206 Omada VPN router allows an attacker to execute arbitrary commands.
The vulnerability of the PPTP protocol implementation in the TP-Link ER7206 Omada VPN router software exists due to the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through ports 80/443 remotely...
A vulnerability in the PPTP client in the firmware of the TP-Link ER7206 Omada VPN router allows an attacker to execute arbitrary commands.
The vulnerability of the PPTP-client of the microprogramming-based VPN router TP-Link ER7206 Omada exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary commands through port 80/44...
A vulnerability in the genacgi_main function in the D-LINK GO-RT-AC750 router software allows an attacker to execute arbitrary commands.
The vulnerability of the genacgi_main function in the D-LINK GO-RT-AC750 router firmware is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
A vulnerability in the uHTTPd web server in the firmware of TP-Link ER7206 Omada VPN routers allows attackers to execute arbitrary commands.
The vulnerability of the uHTTPd web server of the TP-Link ER7206 Omada wireless router exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through ports 80/443 remotely...