15300 matches found

NVD
added 2023/02/02 1:15 p.m., 39 views

CVE-2022-46552

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...

CVSS: 8.8, AI score: 8.7, EPSS: 0.10503
Exploits: 4, References: 7

Prion
added 2023/02/02 1:15 p.m., 17 views

Design/Logic Flaw

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...

CVSS: 6.5, AI score: 8.8, EPSS: 0.10503
Exploits: 4, References: 7, Affected Software: 1

Tenable Nessus
added 2023/02/02 12:0 a.m., 17 views

Webmin < 1.910 Remote Command Execution

According to its self-reported version, the Webmin install hosted on the remote host is prior to 1.910. It is, therefore, affected by a Remote Command Execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No...

CVSS: 7.8, AI score: 7.5, EPSS: 0.23689
Exploits: 3, References: 3

Tenable Nessus
added 2023/02/02 12:0 a.m., 18 views

Webmin < 1.920 Remote Command Execution

According to its self-reported version, the Webmin install hosted on the remote host is prior to 1.920. It is, therefore, affected by a Remote Command Execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No...

CVSS: 7.8, AI score: 7.5, EPSS: 0.23689
Exploits: 3, References: 3

Vulnrichment
added 2023/02/02 12:0 a.m., 4 views

CVE-2022-46552

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...

AI score: 8.7, EPSS: 0.10503
Exploits: 4, References: 7

CVE
added 2023/02/02 12:0 a.m., 72 views

CVE-2022-46552

CVE-2022-46552 affects D-Link DIR-846 firmware FW100A53DBR, exposing a remote command execution vulnerability via the lan(0)_dhcps_staticlist parameter. The issue can be triggered by a crafted POST request, enabling arbitrary commands on the device. Multiple connected sources corroborate the vuln...

CVSS: 8.8, AI score: 8.7, EPSS: 0.10503
Exploits: 4, References: 7, Affected Software: 1

Tenable Nessus
added 2023/02/02 12:0 a.m., 74 views

Webmin < 1.930 Remote Command Execution

According to its self-reported version, the Webmin install hosted on the remote host is 1.890 to 1.920. It is, therefore, affected by a remote command execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

CVSS: 10, AI score: 7.2, EPSS: 0.99766
Exploits: 38, References: 5

Cvelist
added 2023/02/02 12:0 a.m., 36 views

CVE-2022-46552

D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...

AI score: 9, EPSS: 0.10503
Exploits: 4, References: 7

CNNVD
added 2023/02/01 12:0 a.m., 7 views

F5 BIG-IP Code Issue Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A command execution vulnerability exists in F5 BIG-IP Edge Client for Windows, which can be exploited by attackers to execute...

CVSS: 6.5, AI score: 7.6, EPSS: 0.00197
Exploits: 0, References: 2

VulnCheck KEV
added 2023/02/01 12:0 a.m., 3 views

VulnCheck KEV: CVE-2019-10891

An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnapmain, which calls system without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header...

CVSS: 10, AI score: 7.7, EPSS: 0.19442
Exploits: 1, References: 1

BDU FSTEC
added 2023/01/31 12:0 a.m., 6 views

The vulnerability of InHand Networks InRouter302’s microprogramming software, related to access control deficiencies. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands and increase their privileges.

The vulnerability of InHand Networks InRouter302 microprogrammed software lies in its lack of access control mechanisms. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely and increase their privileges...

CVSS: 9, AI score: 7.6, EPSS: 0.01845
Exploits: 1, References: 4, Affected Software: 1

Packet Storm
added 2023/01/31 12:0 a.m., 378 views

Control Web Panel Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'CWP login.php Unauthenticated RCE', 'Description' = %q Control Web Panel versions 'Spencer McIntyre', metasploit module...

CVSS: 9.8, AI score: 0.6, EPSS: 0.99995
Exploits: 12

BDU FSTEC
added 2023/01/31 12:0 a.m., 3 views

The vulnerability of InHand Networks InRouter302’s microprogramming software arises from the failure to take measures to neutralize the special elements used in the operating system command set. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of InHand Networks InRouter302 microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS: 9.9, AI score: 8.1, EPSS: 0.12653
Exploits: 1, References: 4, Affected Software: 1

BDU FSTEC
added 2023/01/31 12:0 a.m., 5 views

The vulnerability of NETGEAR XR450 and XR500 Wi-Fi routers’ built-in software lies in the lack of measures taken to clean data at the management level, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR XR450 and XR500 Wi-Fi routers’ built-in software relates to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted data remotely...

CVSS: 7, AI score: 5.8
Exploits: 0, References: 1, Affected Software: 2

OSV
added 2023/01/26 10:15 p.m., 3 views

CVE-2022-41027

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 7.2, AI score: 6.3, EPSS: 0.02207
Exploits: 1, References: 2

OSV
added 2023/01/26 10:15 p.m., 3 views

CVE-2022-41003

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01733
Exploits: 1, References: 2

OSV
added 2023/01/26 10:15 p.m., 3 views

CVE-2022-41004

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01666
Exploits: 1, References: 2

OSV
added 2023/01/26 10:15 p.m., 2 views

CVE-2022-40998

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01415
Exploits: 0, References: 2

OSV
added 2023/01/26 10:15 p.m., 4 views

CVE-2022-40994

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01372
Exploits: 0, References: 2

OSV
added 2023/01/26 10:15 p.m., 2 views

CVE-2022-40986

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01415
Exploits: 0, References: 2