Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected products and...

CVE-2026-31196

The traceroute diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters usi...

CVE-2026-24506

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this...

CVE-2026-24504

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially exploit this...

CVE-2026-26213 thingino-firmware api.cgi Unauthenticated Command Injection in Captive Portal

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

CVE-2022-50691 MiniDVBLinux 5.4 Remote Root Command Execution via commands.sh

MiniDVBLinux 5.4 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands as root through the 'command' GET parameter. Attackers can exploit the /tpl/commands.sh endpoint by sending malicious command values to gain root-level system...

CVE-2022-50691 MiniDVBLinux 5.4 Remote Root Command Execution via commands.sh

MiniDVBLinux 5.4 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands as root through the 'command' GET parameter. Attackers can exploit the /tpl/commands.sh endpoint by sending malicious command values to gain root-level system...

PocketVJ CP 安全漏洞

PocketVJ CP is a control panel software by magdesign individual developers. A security vulnerability exists in PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1, which stems from the submitopacity.php component failing to clean up user input for the capacityValue POST parameter, which could allow a...

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

SUSE CVE-2025-46811

A Missing Authorization vulnerability in SUSE Linux Manager allows anyone with the ability to connect to port 443 of SUSE Manager is able to run any command as root on any client. This issue affects Container suse/manager/5.0/x8664/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image...

VulnCheck KEV: CVE-2025-34042

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker with access to the web interface can inject arbitrary system commands into these parameters, which...

Cisco Secure Firewall Management Center 安全漏洞

Cisco Secure Firewall Management Center is a security firewall management software from Cisco. A security vulnerability exists in the Cisco Secure Firewall Management Center WEB interface, which can be exploited by remote attackers to submit a special request that can execute arbitrary commands i...

VulnCheck KEV: CVE-2019-15846

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash...

VulnCheck KEV: CVE-2018-20122

The web interface on FASTGate Fastweb devices with firmware through 0.00.47FW200Askey 2017-05-17 software through 1.0.1b exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from insufficient DevTools data validation. A remote attacker can exploit this vulnerability by sending a malicious HTTP...

SUSE CVE-2017-9328

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...

SUSE: Security Advisory (SUSE-SU-2020:1533-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-27555

Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user...

SUSE SLES12 Security Update : krb5-appl (SUSE-SU-2020:1533-1)

This update for krb5-appl fixes the following issues : CVE-2020-10188: Fixed a remote root execution bsc1165787. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as...