CVE-2022-46552
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...
Design/Logic Flaw
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request...
Webmin < 1.910 Remote Command Execution
According to its self-reported version, the Webmin install hosted on the remote host is prior to 1.910. It is, therefore, affected by a Remote Command Execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No...
Webmin < 1.920 Remote Command Execution
According to its self-reported version, the Webmin install hosted on the remote host is prior to 1.920. It is, therefore, affected by a Remote Command Execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No...
CVE-2022-46552
CVE-2022-46552 affects D-Link DIR-846 firmware FW100A53DBR, exposing a remote command execution vulnerability via the lan(0)_dhcps_staticlist parameter. The issue can be triggered by a crafted POST request, enabling arbitrary commands on the device. Multiple connected sources corroborate the vuln...
Webmin < 1.930 Remote Command Execution
According to its self-reported version, the Webmin install hosted on the remote host is 1.890 to 1.920. It is, therefore, affected by a remote command execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...
F5 BIG-IP Code Issue Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A command execution vulnerability exists in F5 BIG-IP Edge Client for Windows, which can be exploited by attackers to execute...
VulnCheck KEV: CVE-2019-10891
An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnapmain, which calls system without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header...
A vulnerability in the firmware of InHand Networks InRouter302 is related to access control deficiencies. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands and escalate their privileges.
The vulnerability in InHand Networks InRouter302 firmware lies in its lack of access control mechanisms. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely and escalate their privileges...
Control Web Panel Unauthenticated Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'CWP login.php Unauthenticated RCE', 'Description' = %q Control Web Panel versions 'Spencer McIntyre', metasploit module...
A vulnerability in the firmware of InHand Networks InRouter302 arises from the failure to neutralize special elements used in operating system commands. This vulnerability allows an attacker to execute arbitrary commands.
The vulnerability in InHand Networks InRouter302 firmware exists due to the lack of measures to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
A vulnerability in the built-in software of NETGEAR XR450 and XR500 Wi-Fi routers lies in the lack of measures to sanitize data at the management level, allowing attackers to execute arbitrary commands.
The vulnerability in the built-in software of NETGEAR XR450 and XR500 Wi-Fi routers relates to the lack of measures to sanitize data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending specially crafted data remotely...
CVE-2022-41027
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41003
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41004
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40998
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40994
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40986
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...