Lucene search
K

19648 matches found

Cvelist
Cvelist
added 2025/12/30 9:2 p.m.26 views

CVE-2025-15357 D-Link DI-7400G+ msp_info.htm command injection

A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS0.03801EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/30 6:30 p.m.4 views

EUVD-2025-205833

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

7.5CVSS6.5AI score0.04442EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/30 6:30 p.m.3 views

EUVD-2025-205784

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

6.5CVSS6.6AI score0.0326EPSS
Exploits1References6
OSV
OSV
added 2025/12/30 5:15 p.m.2 views

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

9.8CVSS6AI score0.01011EPSS
Exploits0References3
NVD
NVD
added 2025/12/30 5:15 p.m.4 views

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

9.8CVSS0.01011EPSS
Exploits0References3
NVD
NVD
added 2025/12/30 5:15 p.m.3 views

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

9.8CVSS0.04442EPSS
Exploits1References4
OSV
OSV
added 2025/12/30 5:15 p.m.3 views

CVE-2025-15256

A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web-based Configuration Interface. The manipulation of the argument rootAPmac leads to command injection. Remote exploitation of the attack i...

9.8CVSS5.6AI score0.03287EPSS
Exploits1References5
NVD
NVD
added 2025/12/30 5:15 p.m.4 views

CVE-2025-15256

A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web-based Configuration Interface. The manipulation of the argument rootAPmac leads to command injection. Remote exploitation of the attack i...

9.8CVSS0.03287EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/30 5:2 p.m.3 views

CVE-2025-15257 Edimax BR-6208AC Web-based Configuration formRoute command injection

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

7.5CVSS7.1AI score0.04442EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/30 5:2 p.m.27 views

CVE-2025-15257 Edimax BR-6208AC Web-based Configuration formRoute command injection

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

7.5CVSS0.04442EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/12/30 5:2 p.m.4 views

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

9.8CVSS5.3AI score0.04442EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/12/30 4:32 p.m.13 views

CVE-2025-15256

CVE-2025-15256 affects Edimax BR-6208AC V2 (firmware 1.02/1.03). The Web-based Configuration Interface exposes formStaDrvSetup; manipulating rootAPmac in /goform/formStaDrvSetup enables remote command injection. Exploitation is possible and publicly available. Edimax confirms the device is EOL wi...

9.8CVSS6.6AI score0.03287EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/12/30 4:15 p.m.3 views

CVE-2025-15254

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

8.8CVSS5.6AI score0.0326EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/12/30 3:32 p.m.2 views

CVE-2025-15254

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

8.8CVSS5.4AI score0.0326EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/12/30 3:32 p.m.28 views

CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

6.5CVSS0.0326EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/30 3:32 p.m.6 views

CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing a manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

6.5CVSS6.3AI score0.0326EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/30 3:7 p.m.6 views

CVE-2025-15192

A security vulnerability has been detected in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub415328 of the file /boafrm/formLtefotaUpgradeQuectel. Such manipulation of the argument fotaurl leads to command injection. The attack can be executed remotely. The exploit has been...

8.8CVSS6.9AI score0.03443EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.3 views

MiniDVBLinux 安全漏洞

MiniDVBLinux is a multimedia center software from the German company MiniDVBLinux. A security vulnerability exists in MiniDVBLinux version 5.4, which originates from a command GET parameter that allows an unauthenticated attacker to execute arbitrary commands, potentially resulting in remote...

9.8CVSS7.7AI score0.01261EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-54241

Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and earlier Description The software contains an authenticated command injection issue in the www-data-handler.php script. Attackers can inject system commands through the services POST parameter...

8.8CVSS7.8AI score0.02789EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-54180

A vulnerability was found in Tenda W6-S 1.0.0.4510. This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used...

6.5CVSS7AI score0.0326EPSS
Exploits1References7
Rows per page
Query Builder