Lucene search
K

3873 matches found

Vulnrichment
Vulnrichment
added 2025/09/12 7:2 p.m.3 views

CVE-2025-10323 Wavlink WL-WN578W2 wizard_rep.shtml sub_409184 command injection

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub409184 of the file /wizardrep.shtml. The manipulation of the argument selEncrypTyp results in command injection. The attack may be performed from remote. The exploit has been made public and could be...

7.5CVSS6.4AI score0.08082EPSS
Exploits1References4
CVE
CVE
added 2025/09/12 7:2 p.m.15 views

CVE-2025-10323

CVE-2025-10323 affects Wavlink WL-WN578W2 (firmware 221110). A command injection exists in the function sub_409184 of the file wizard_rep.shtml, exploitable via the sel_EncrypTyp parameter. Public exploit evidence and remote execution potential are stated across CNVD/CNNVD/PT-2025-37342 entries; ...

9.8CVSS6.4AI score0.08082EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/12 10:15 a.m.3 views

CVE-2025-10265 Digiever|NVR - OS Command Injection

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device...

8.8CVSS7.3AI score0.01144EPSS
Exploits0References2
CVE
CVE
added 2025/09/12 10:15 a.m.16 views

CVE-2025-10265

Digiever Digiever NVR devices are affected by CVE-2025-10265, an OS command injection vulnerability in the NVR OS that enables authenticated remote attackers to inject and execute arbitrary commands. The issue is described as affecting certain NVR models, with network access required and low priv...

8.8CVSS7.3AI score0.01144EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.5 views

PT-2025-37353

Name of the Vulnerable Software and Affected Versions: MiczFlor RPi-Jukebox-RFID versions up to 2.8.0 Description: A security flaw exists in MiczFlor RPi-Jukebox-RFID up to version 2.8.0. The issue is due to os command injection in an unknown function of the file /htdocs/api/playlist/single.php...

6.5CVSS6.3AI score0.07099EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.9 views

PT-2025-37342

Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN578W2 version 221110 Description: A command injection issue exists in the function sub 409184 of the file /wizard rep.shtml. The manipulation of the argument sel EncrypTyp can lead to command injection. This issue is exploitable...

7.5CVSS7.5AI score0.08082EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.5 views

PT-2025-37344

Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN578W2 version 221110 Description: A vulnerability exists in the Wavlink WL-WN578W2 router. Manipulation of the arguments pingFrmWANFilterEnabled, blockSynFloodEnabled, blockPortScanEnabled, or remoteManagementEnabled within the...

7.5CVSS7.3AI score0.08082EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/09/11 3:26 p.m.4 views

CVE-2025-10107

A vulnerability has been found in TRENDnet TEW-831DR 1.0 601.130.1.1410. Impacted is an unknown function of the file /boafrm/formSysCmd. The manipulation of the argument sysHost leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

5.8CVSS6.7AI score0.03861EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 3:19 a.m.10 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.5AI score0.03986EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-34254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GLPI Agent is a generic management agent. Prior to version 1.5, if glpi-agent is running remoteinventory task against an Unix platform with ssh command, an...

7.6CVSS6.9AI score0.00799EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/09 2:32 p.m.2 views

CVE-2025-10107 TRENDnet TEW-831DR formSysCmd command injection

A vulnerability has been found in TRENDnet TEW-831DR 1.0 601.130.1.1410. Impacted is an unknown function of the file /boafrm/formSysCmd. The manipulation of the argument sysHost leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the...

5.8CVSS6.6AI score0.03861EPSS
Exploits0References4
CVE
CVE
added 2025/09/09 2:32 p.m.18 views

CVE-2025-10107

TRENDnet TEW-831DR v1.0 (601.130.1.1410) contains a command-injection flaw in the /boafrm/formSysCmd function, triggered by manipulating the sysHost argument. This vulnerability can be exploited remotely and has public exploit disclosures. Several sources (including NVD/Red Hat CVE entries and PT...

5.8CVSS4.9AI score0.03861EPSS
Exploits0References4
NVD
NVD
added 2025/09/09 3:15 a.m.5 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS0.03986EPSS
Exploits1References6
OSV
OSV
added 2025/09/09 3:15 a.m.5 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS5.6AI score0.03986EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/09/09 2:32 a.m.2 views

CVE-2025-10123 D-Link DIR-823X set_static_leases sub_415028 command injection

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.03986EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36565

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823X versions up to 250416 Description: A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the sub 415028 function of the /goform/set static leases file...

7.5CVSS7.4AI score0.03986EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2025/09/05 11:23 p.m.8 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

7.5CVSS7.1AI score0.02997EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/05 11:23 p.m.11 views

CVE-2025-9934

A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...

6.5CVSS6.8AI score0.03738EPSS
Exploits1References1
NVD
NVD
added 2025/09/04 10:42 a.m.20 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

9.8CVSS0.02997EPSS
Exploits1References5
OSV
OSV
added 2025/09/04 10:42 a.m.7 views

CVE-2025-9935

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

9.8CVSS5.7AI score0.02997EPSS
Exploits1References5
Rows per page
Query Builder