Lucene search
K

19639 matches found

Packet Storm
Packet Storm
added 2026/01/20 12:0 a.m.181 views

📄 Siklu EtherHaul Series EH-8010 / EH-1200 Remote Command Execution

Siklu EtherHaul Series EH-8010 and EH-1200 with firmware versions between 7.4.0 and 10.7.3 suffer from a remote command execution vulnerability. Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution Shodan Dork: "EH-8010" or "EH-1200" Date: 2025-08-02 Exploit Author: semaja2 -...

9.8CVSS8.6AI score0.01219EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : pcp-6.2.0-2.el9 (AXSA:2024-8062:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8062:02 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description...

8.8CVSS5.8AI score0.01002EPSS
Exploits0References3
OSV
OSV
added 2026/01/19 11:16 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.3CVSS5.7AI score0.06123EPSS
Exploits1References4
NVD
NVD
added 2026/01/19 11:16 p.m.5 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS0.06123EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.3AI score0.06123EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/01/19 11:2 p.m.13 views

CVE-2026-1192

CVE-2026-1192 affects Tosei Online Store Management System 1.01. The vulnerability is in an unknown function within /cgi-bin/imode_alldata.php where manipulating the DevId argument can cause remote command injection. Public exploit details exist; vendor was contacted but did not respond. Descript...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/01/19 11:15 a.m.5 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS5.7AI score0.0235EPSS
Exploits1References5
NVD
NVD
added 2026/01/19 11:15 a.m.5 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS0.0235EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/19 10:32 a.m.23 views

CVE-2026-1150 Totolink LR350 POST Request cstecgi.cgi setTracerouteCfg command injection

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

6.5CVSS0.0235EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/19 10:32 a.m.3 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS5.4AI score0.0235EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/01/19 10:16 a.m.7 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS5.7AI score0.02714EPSS
Exploits1References5
NVD
NVD
added 2026/01/19 10:16 a.m.9 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS0.02714EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/19 10:2 a.m.4 views

CVE-2026-1149

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

8.8CVSS5.3AI score0.02714EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/19 10:2 a.m.4 views

CVE-2026-1149 Totolink LR350 POST Request cstecgi.cgi setDiagnosisCfg command injection

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The...

6.5CVSS6.4AI score0.02714EPSS
Exploits1References5
CVE
CVE
added 2026/01/19 10:2 a.m.32 views

CVE-2026-1149

CVE-2026-1149 affects Totolink LR350; the flaw is in the POST Request Handler’s /cgi-bin/cstecgi.cgi, in the setDiagnosisCfg function. Crafted input to the ip argument enables remote command injection. Exploit is publicly available and could be used, per sources. Affected version: 9.3.5u.6369_B20...

8.8CVSS5.4AI score0.02714EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/19 2:19 a.m.8 views

CVE-2026-1064

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

5.8CVSS6.6AI score0.04156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/19 2:19 a.m.6 views

CVE-2026-1063

A vulnerability has been found in bastillion-io Bastillion up to 4.0.1. This vulnerability affects unknown code of the file src/main/java/io/bastillion/manage/control/AuthKeysKtrl.java of the component Public Key Management System. Such manipulation leads to command injection. It is possible to...

5.8CVSS6.8AI score0.04156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/19 12:0 a.m.8 views

PT-2026-3513

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imode alldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The explo...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 3 : dhcp-3.0.5-23.4.0.1.AXS3 (AXSA:2011-162:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-162:01 advisory. DHCP Dynamic Host Configuration Protocol is a protocol which allows individual devices on an IP network to get their own network configuration information IP...

7.5CVSS7AI score0.84292EPSS
Exploits6References2
Rows per page
Query Builder