Lucene search
K

19631 matches found

OSV
OSV
added 2026/01/30 11:16 p.m.3 views

CVE-2020-37027

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

9.8CVSS6.3AI score
Exploits0References4
NVD
NVD
added 2026/01/30 11:16 p.m.5 views

CVE-2020-37027

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

9.8CVSS0.02255EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.2 views

CVE-2020-37027 Sickbeard 0.1 - Remote Command Injection

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

9.8CVSS6.4AI score0.02255EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.20 views

CVE-2020-37027 Sickbeard 0.1 - Remote Command Injection

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

9.8CVSS0.02255EPSS
Exploits0References4
CVE
CVE
added 2026/01/30 10:7 p.m.10 views

CVE-2020-37027

Technical details (affected product/version, root cause, exploit info, and fixes) are not publicly provided in the connected documents. Monitor for updates and refer to official advisories for CVE-2020-37027.

9.8CVSS6.5AI score0.02255EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/30 10:7 p.m.3 views

CVE-2020-37027

Sickbeard alpha contains a remote command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands through the extra scripts configuration. Attackers can set malicious commands in the extra scripts field and trigger processing to execute remote code on the...

9.8CVSS6.5AI score0.02255EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.8 views

CVE-2026-1601

A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument FileName can lead to command injection. The attack can be launched remotely. The exploit has been made...

6.5CVSS5.7AI score0.01936EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.7 views

CVE-2026-1623

A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and...

6.5CVSS5.7AI score0.0218EPSS
Exploits1References1
NVD
NVD
added 2026/01/30 5:16 p.m.4 views

CVE-2026-1690

A flaw has been found in Tenda HG10 USHG7HG9HG10re300001138enxpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used...

5.8CVSS0.03857EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/01/30 4:32 p.m.30 views

CVE-2026-1690 Tenda HG10 formSysCmd system command injection

A flaw has been found in Tenda HG10 USHG7HG9HG10re300001138enxpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used...

5.8CVSS0.03857EPSS
Exploits1References6
CVE
CVE
added 2026/01/30 4:32 p.m.15 views

CVE-2026-1690

CVE-2026-1690 affects Tenda HG10 family devices (HG10/HG7/HG9/HG10re_300001138_en_xpon). The flaw resides in the /boaform/formSysCmd handler, where manipulation of the sysCmd argument enables command injection. Attacks may be initiated remotely over the network; exploitation has been published an...

5.8CVSS5.7AI score0.03857EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/01/30 4:32 p.m.6 views

EUVD-2026-5020

A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...

7.5CVSS5.7AI score0.02537EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/01/30 4:32 p.m.3 views

CVE-2026-1689

A vulnerability was detected in Tenda HG10 USHG7HG9HG10re300001138enxpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launche...

7.5CVSS5.7AI score0.02537EPSS
Exploits1References6
CVE
CVE
added 2026/01/30 4:32 p.m.17 views

CVE-2026-1689

CVE-2026-1689 affects Tenda HG10 series (HG10re_300001138_en_xpon) where the vulnerability lies in the Login Interface function checkUserFromLanOrWan in the file /boaform/admin/formLogin . Manipulating the argument Host yields a command injection vulnerability that can be exploited remotely. Mult...

7.5CVSS7AI score0.02537EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/30 4:2 p.m.5 views

CVE-2026-1687

A weakness has been identified in Tenda HG10 USHG7HG9HG10re300001138enxpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.026EPSS
Exploits1References6
EUVD
EUVD
added 2026/01/30 3:50 a.m.4 views

EUVD-2026-5017

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
CVE
CVE
added 2026/01/30 3:50 a.m.25 views

CVE-2026-24729

An unrestricted upload of file with dangerous type vulnerability exists in Interinfo DreamMaker’s file upload function, affecting versions before 2025/10/22. The root cause is an insufficient validation of uploaded files, enabling remote attackers to execute arbitrary system commands via a malici...

10CVSS6.2AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/30 3:24 a.m.8 views

CVE-2026-1547

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

9.8CVSS5.7AI score0.02769EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/30 3:24 a.m.7 views

CVE-2026-1544

A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...

8.8CVSS5.7AI score0.03348EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/30 3:24 a.m.9 views

CVE-2026-1548

A flaw has been found in Totolink A7000R 4.1cu.4154. This impacts the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument url causes command injection. The attack can be initiated remotely. The exploit has been published and may be used...

8.8CVSS5.7AI score0.031EPSS
Exploits1References1
Rows per page
Query Builder