19639 matches found
📄 Siklu EtherHaul Series EH-8010 / EH-1200 Remote Command Execution
Siklu EtherHaul Series EH-8010 and EH-1200 with firmware versions between 7.4.0 and 10.7.3 suffer from a remote command execution vulnerability. Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 -...
MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description...
CVE-2026-1192
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...
CVE-2026-1192
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...
CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...
CVE-2026-1192
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...
CVE-2026-1192
CVE-2026-1192 affects Tosei Online Store Management System 1.01. The vulnerability is in an unknown function within /cgi-bin/imode_alldata.php where manipulating the DevId argument can cause remote command injection. Public exploit details exist; vendor was contacted but did not respond. Descript...
CVE-2026-1150
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
CVE-2026-1150
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
CVE-2026-1150 Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
CVE-2026-1150
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
CVE-2026-1149
A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...
CVE-2026-1149
A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...
CVE-2026-1149
A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...
CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection
A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...
CVE-2026-1149
CVE-2026-1149 affects Totolink LR350; the flaw is in the POST Request Handler’s /cgi-bin/cstecgi.cgi, in the setDiagnosisCfg function. Crafted input to the ip argument enables remote command injection. Exploit is publicly available and could be used, per sources. Affected version: 9.3.5u.6369_B20...
CVE-2026-1064
A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...
CVE-2026-1063
A vulnerability has been found in bastillion-io Bastillion up to 4.0.1. This vulnerability affects unknown code of the file src/main/java/io/bastillion/manage/control/AuthKeysKtrl.java of the component Public Key Management System. Such manipulation leads to command injection. It is possible to...
PT-2026-3513
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imode alldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The explo...
MiracleLinux 3 : dhcp-3.0.5-23.4.0.1.AXS3 (AXSA:2011-162:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-162:01 advisory. DHCP Dynamic Host Configuration Protocol is a protocol which allows individual devices on an IP network to get their own network configuration information IP...