3868 matches found
CVE-2026-5327
A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-5351
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5333
A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown processing of the file /admin/tools.php. The manipulation of the argument host results in command injection. The attack can be executed remotely. The exploit has been released to t...
EUVD-2026-18408
A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function pingtest of the file /setup.cgi. Performing a manipulation of the argument c4IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The...
EUVD-2026-18406
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdblist leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used...
EUVD-2026-18412
A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpndrop of the file /setup.cgi. The manipulation of the argument policyname leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
EUVD-2026-18362
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5355
A vulnerability has been found in Trendnet TEW-657BRM 1.00.1. Affected by this issue is the function vpndrop of the file /setup.cgi. The manipulation of the argument policyname leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the...
CVE-2026-5353
A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function pingtest of the file /setup.cgi. Performing a manipulation of the argument c4IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The...
CVE-2026-5352
A security vulnerability has been detected in Trendnet TEW-657BRM 1.00.1. This impacts the function Edit of the file /setup.cgi. Such manipulation of the argument pcdblist leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used...
CVE-2026-5355
Summary: CVE-2026-5355 affects Trendnet TEW-657BRM 1.00.1. The issue is in the vpn_drop function within /setup.cgi where misusing the policy_name parameter enables OS command injection. This allows remote execution of commands. Documents indicate the exploit has been disclosed and may be used. Th...
CVE-2026-5354
Trendnet TEW-657BRM 1.00.1 is affected by CVE-2026-5354 due to a flaw in the vpn_connect function in /setup.cgi where manipulating the policy_name argument enables remote os command injection. Exploitation is possible without user interaction and remote access, with the exploit published and pote...
CVE-2026-5354 Trendnet TEW-657BRM setup.cgi vpn_connect os command injection
A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpnconnect of the file /setup.cgi. Executing a manipulation of the argument policyname can lead to os command injection. The attack can be executed remotely. The exploit has been published and may ...
CVE-2026-5354
A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpnconnect of the file /setup.cgi. Executing a manipulation of the argument policyname can lead to os command injection. The attack can be executed remotely. The exploit has been published and may ...
CVE-2026-5353
A vulnerability was detected in Trendnet TEW-657BRM 1.00.1. Affected is the function pingtest of the file /setup.cgi. Performing a manipulation of the argument c4IPAddr results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The...
CVE-2026-5353
Trendnet TEW-657BRM version 1.00.1 contains a vulnerability in the ping_test function of /setup.cgi where manipulating the c4_IPAddr parameter leads to os command injection. Remote exploitation is possible; exploit code is public. The vendor notes the product is discontinued and out of support si...
CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5351 Trendnet TEW-657BRM setup.cgi add_wps_client os command injection
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
EUVD-2026-18342
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...
CVE-2026-5339
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function actionsetnetsettings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriori...