CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/03/27 11:53 a.m.•6 views

CVE-2026-4620

CVE-2026-4620: OS Command Injection in NEC Platforms, Ltd. Aterm Series expose devices to remote command execution over the network. The NEC Aterm Series are affected; the root cause is an OS command injection issue, enabling an attacker to run arbitrary commands on the device. Exploitation detai...

9.8CVSS6.1AI score0.00996EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/03/27 11:53 a.m.•23 views

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS0.00996EPSS

Vulnrichment•added 2026/03/27 11:53 a.m.•4 views

CVE-2026-4620

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00996EPSS

ATTACKERKB•added 2026/03/27 11:53 a.m.•1 views

CVE-2026-4622

OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network...

7.1CVSS6.1AI score0.00864EPSS

Exploits0References2

Cvelist•added 2026/03/27 5:25 a.m.•25 views

CVE-2026-33280

Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the product’s debugging functionality, resulting in the execution of arbitrary OS commands...

8.6CVSS0.00377EPSS

Exploits0References2

RedhatCVE•added 2026/03/27 4:59 a.m.•7 views

CVE-2026-4840

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...

9CVSS6.7AI score0.08263EPSS

Positive Technologies•added 2026/03/27 12:0 a.m.•5 views

PT-2026-28648

Name of the Vulnerable Software and Affected Versions NEC Platforms, Ltd. Aterm Series affected versions not specified Description An OS Command Injection issue exists in NEC Platforms, Ltd. Aterm Series. This allows a malicious actor to execute arbitrary OS commands through the network...

7.1CVSS6.1AI score0.00864EPSS

Exploits0References4

Positive Technologies•added 2026/03/27 12:0 a.m.•5 views

PT-2026-28646

7.1CVSS6.1AI score0.00996EPSS

Exploits0References4

Positive Technologies•added 2026/03/27 12:0 a.m.•5 views

PT-2026-31589

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The issue is related to the setVpnPassCfg function within the CGI Handler component, specifically in the fil...

10CVSS7.3AI score0.15952EPSS

Exploits0References13

RedhatCVE•added 2026/03/26 3:16 p.m.•3 views

CVE-2026-4467

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The...

5.8CVSS5.5AI score0.02055EPSS

9.8CVSS6.3AI score0.03774EPSS

CVE-2026-4207

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...

RedhatCVE•added 2026/03/26 3:15 p.m.•7 views

CVE-2026-4197

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

9.8CVSS6.2AI score0.16779EPSS

9.8CVSS6.4AI score0.03831EPSS

CVE-2026-4203

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

9.8CVSS6.3AI score0.03499EPSS

CVE-2026-4195

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...

RedhatCVE•added 2026/03/26 3:15 p.m.•5 views

CVE-2026-4537

A vulnerability was determined in Cudy TR1200 R46-2.4.15-20250721-164017. Impacted is the function actionipsecconn of the file /usr/bin/lib/lua/luci/controller/ipsec.lua. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has been publicly...

5.8CVSS5AI score0.10296EPSS

9.8CVSS6.2AI score0.035EPSS

CVE-2026-4205

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

5.8CVSS5.3AI score0.02479EPSS

CVE-2026-4466

A vulnerability has been found in Comfast CF-AC100 2.6.0.8. This affects an unknown function of the file /cgi-bin/mbox-config?method=SET=ntptimezone. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be...

RedhatCVE•added 2026/03/26 3:15 p.m.•5 views

CVE-2026-4196

9.8CVSS6.1AI score0.03738EPSS