Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

GithubExploit
GithubExploitadded 2025/05/12 7:33 p.m.288 views

Exploit for External Control of File Name or Path in Emagicone Emagicone_Store_Manager_For_Woocommerce

eMagicOne Store Manager for WooCommerce md5 EMOSMCDEFAULT...

7.5CVSS5.7AI score0.00394EPSS
Exploits2
Positive Technologies
Positive Technologiesadded 2025/01/20 12:0 a.m.13 views

PT-2025-3266 · Axess · Axess Acs

Name of the Vulnerable Software and Affected Versions: AXESS ACS Auto Configuration Server versions prior to 5.2.0 Description: The issue is related to unsanitized user input in the TR069 API, which allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069...

7.5CVSS7.1AI score0.01081EPSS
Exploits0References6
CNNVD
CNNVDadded 2022/03/06 12:0 a.m.2 views

GenieACS 操作系统命令注入漏洞

GenieACS is a high-performance automatic configuration server ACS for remote management of TR-069-enabled devices. GenieACS is vulnerable to an OS command injection vulnerability, which stems from inadequate input validation and lack of authorization checks, and can be exploited by attackers to...

9.8CVSS5.7AI score0.86931EPSS
Exploits2References3
CNVD
CNVDadded 2020/07/31 12:0 a.m.2 views

Unspecified vulnerability in the Grandstream HT800 series

The Grandstream HT800 series is an HT800 series analog phone adapter from Grandstream. An input validation error vulnerability exists in the Grandstream HT800 series using firmware version 1.0.17.5 and earlier. The vulnerability stems from a failure of the system to properly validate incoming dat...

7.8CVSS6.9AI score0.03887EPSS
Exploits1References1
CNVD
CNVDadded 2018/03/07 12:0 a.m.1 views

DrayTek Vigor AP910C Cross-Site Request Forgery Vulnerability

DrayTek Vigor AP910C devices is a wireless router product with firewall function from DrayTek. A cross-site request forgery vulnerability exists in DrayTek Vigor AP910C devices using firmware version 1.2.0RC3 build r6594. A remote attacker could exploit the vulnerability to open SNMP on a remote...

8.8CVSS6.9AI score0.0013EPSS
Exploits1References1
CNVD
CNVDadded 2015/01/12 12:0 a.m.1 views

TR-069 Auto Configuration Server Arbitrary Code Execution Vulnerability (CNVD-2015-00280)

TR-069 is the DSL Forum Technical Specification "CPE WAN Management Protocol CWMP", which defines the application layer protocol for remote management of end devices. Arbitrary code execution vulnerabilities exist in certain server implementations of TR-069. These vulnerabilities can be exploited...

8.3AI score
Exploits0References1
CNVD
CNVDadded 2015/01/12 12:0 a.m.1 views

TR-069 Auto Configuration Server Arbitrary Code Execution Vulnerability (CNVD-2015-00281)

TR-069 is the DSL Forum Technical Specification "CPE WAN Management Protocol CWMP", which defines the application layer protocol for remote management of end devices. An arbitrary code execution vulnerability exists in some server implementations of the TR-069 protocol. A remote attacker could...

8.4AI score
Exploits0References1
Rows per page
Query Builder