Lucene search
K

19649 matches found

OSV
OSV
added 2025/12/28 1:15 p.m.3 views

CVE-2025-15136

A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...

8.7CVSS5.5AI score0.09753EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 1:2 p.m.3 views

CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934  command injection

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

9CVSS8.7AI score0.10346EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 1:2 p.m.39 views

CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934  command injection

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

9CVSS0.10346EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 12:32 p.m.3 views

CVE-2025-15136 TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection

A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...

9CVSS8.6AI score0.09753EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 12:32 p.m.21 views

CVE-2025-15136 TRENDnet TEW-800MB Management wizardset do_setWizard_asp command injection

A security vulnerability has been detected in TRENDnet TEW-800MB 1.0.1.0. Affected is the function dosetWizardasp of the file /goform/wizardset of the component Management Interface. The manipulation of the argument WizardConfigured leads to command injection. The attack may be initiated remotely...

9CVSS0.09753EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/28 12:30 p.m.4 views

EUVD-2025-205505

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

6.5CVSS6.3AI score0.06828EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/28 12:30 p.m.2 views

EUVD-2025-205504

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS6.6AI score0.06692EPSS
Exploits1References5
OSV
OSV
added 2025/12/28 11:15 a.m.4 views

CVE-2025-15133

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS5.6AI score0.06882EPSS
Exploits1References4
NVD
NVD
added 2025/12/28 11:15 a.m.5 views

CVE-2025-15133

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

8.8CVSS0.06882EPSS
Exploits1References4
NVD
NVD
added 2025/12/28 11:15 a.m.4 views

CVE-2025-15132

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

8.8CVSS0.06692EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/28 11:2 a.m.25 views

CVE-2025-15133 ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_CloseSafe command injection

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS0.06882EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 11:2 a.m.3 views

CVE-2025-15133 ZSPACE Z4Pro+ HTTP POST Request close zfilev2_api_CloseSafe command injection

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.5AI score0.06882EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 10:32 a.m.3 views

CVE-2025-15132 ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS6.5AI score0.06692EPSS
Exploits1References4
OSV
OSV
added 2025/12/28 10:15 a.m.3 views

CVE-2025-15131

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

8.8CVSS5.5AI score0.06828EPSS
Exploits1References4
NVD
NVD
added 2025/12/28 10:15 a.m.4 views

CVE-2025-15131

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

8.8CVSS0.06828EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/28 10:2 a.m.4 views

CVE-2025-15131 ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_SafeStatus command injection

A vulnerability was found in ZSPACE Z4Pro+ 1.0.0440024. Impacted is the function zfilev2apiSafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation results in command injection. The attack may be performed from remote. The exploit has been made publ...

6.5CVSS6.3AI score0.06828EPSS
Exploits1References4
OSV
OSV
added 2025/12/28 1:44 a.m.7 views

MAL-2025-192953 Malicious code in aiogram-types-v3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f6ba04e944f1dfda1aaa2d571fa79cd8ce4074a106bae228e582473226810baf During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...

7.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.5 views

PT-2025-53648

Name of the Vulnerable Software and Affected Versions ZSPACE Z4Pro+ version 1.0.0440024 Description A command injection issue exists in ZSPACE Z4Pro+. The affected component is the HTTP POST Request Handler, specifically within the zfilev2 api CloseSafe function located in the file...

6.5CVSS7.2AI score0.06882EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.6 views

PT-2025-53652

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-822DRE versions 1.00B21 and 1.01B06 Description A flaw exists in TRENDnet TEW-822DRE routers that allows for remote command injection. The issue is related to the manipulation of the peerPin argument within the sub 43ACF4 function...

8.8CVSS7AI score0.1177EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2025/12/27 12:0 a.m.4 views

PT-2025-53628

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-800MB version 1.0.1.0 Description A command injection issue exists in the TRENDnet TEW-800MB. The issue is located in the NTPSyncWithHost.cgi file, specifically within the sub F934 function. Successful exploitation allows for remo...

9CVSS7.3AI score0.10346EPSS
Exploits1References15
Rows per page
Query Builder