Lucene search
K

3873 matches found

Cvelist
Cvelist
added 2025/09/03 11:2 p.m.17 views

CVE-2025-9935 TOTOLINK N600R cstecgi.cgi sub_4159F8 command injection

A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866B20220506. This vulnerability affects the function sub4159F8 of the file /webcste/cgi-bin/cstecgi.cgi. Executing manipulation can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed an...

7.5CVSS0.02997EPSS
Exploits1References5
CVE
CVE
added 2025/09/03 11:2 p.m.18 views

CVE-2025-9935

The CVE-2025-9935 entry concerns TOTOLINK N600R version 4.3.0cu.7866_B20220506. The issue affects the function sub_4159F8 in /web_cste/cgi-bin/cstecgi.cgi, where manipulation can lead to a remote command injection. The exploit is publicly disclosed and may be utilized. Multiple connected sources ...

9.8CVSS7.3AI score0.02997EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2025/09/03 10:32 p.m.20 views

CVE-2025-9934

CVE-2025-9934 affects TOTOLINK X5000R 9.1.0cu.2415_B20250515. The vulnerability is in the function sub_410C34 of the file /cgi-bin/cstecgi.cgi, where manipulation of the pid argument can trigger a command injection. Remote exploitation is possible and the exploit has been made public. Multiple co...

9.8CVSS6.4AI score0.03738EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/03 10:32 p.m.2 views

CVE-2025-9934 TOTOLINK X5000R cstecgi.cgi sub_410C34 command injection

A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415B20250515. This affects the function sub410C34 of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument pid results in command injection. Remote exploitation of the attack is possible. The exploit has been made public and...

6.5CVSS6.4AI score0.03738EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/09/03 12:13 a.m.6 views

CVE-2025-9752

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.2AI score0.15815EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.5 views

PT-2025-35851

Name of the Vulnerable Software and Affected Versions: TOTOLINK N600R version 4.3.0cu.7866 B20220506 Description: A vulnerability exists in the function sub 4159F8 of the file /web cste/cgi-bin/cstecgi.cgi that can lead to command injection. This issue can be exploited remotely. The exploit has...

7.5CVSS6.5AI score0.02997EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.7 views

PT-2025-35850

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2415 B20250515 Description: A command injection issue exists in the sub 410C34 function of the /cgi-bin/cstecgi.cgi file. Manipulation of the pid argument can lead to remote code execution. The exploit has been...

6.5CVSS7.1AI score0.03738EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2025/09/02 9:35 p.m.3 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS7.1AI score0.09746EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/02 11:35 a.m.5 views

CVE-2025-9727

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgimain of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

6.5CVSS6.5AI score0.04797EPSS
Exploits1References1
OSV
OSV
added 2025/09/01 1:15 a.m.3 views

CVE-2025-9752

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS5.6AI score0.15815EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/01 12:0 a.m.6 views

PT-2025-35457

Name of the Vulnerable Software and Affected Versions SkyBridge BASIC MB-A130 versions prior to 1.5.8 Description Improper neutralization of special elements used in an OS command 'OS Command Injection' exists in the software. If exploited, a remote unauthenticated attacker may execute arbitrary ...

9.8CVSS10AI score0.03214EPSS
Exploits0References12
OSV
OSV
added 2025/08/31 9:15 p.m.5 views

CVE-2025-9745

A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element is an unknown function of the file /versionupgrade.asp of the component jhttpd. The manipulation of the argument path leads to os command injection. The attack may be initiated remotely. The exploit ha...

7.2CVSS5.6AI score0.09746EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/08/31 3:27 p.m.4 views

CVE-2025-9654

A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...

6.5CVSS7.2AI score0.01349EPSS
Exploits0References1
NVD
NVD
added 2025/08/31 12:15 p.m.5 views

CVE-2025-9727

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgimain of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

9.8CVSS0.04797EPSS
Exploits1References5
OSV
OSV
added 2025/08/31 12:15 p.m.3 views

CVE-2025-9727

A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function soapcgimain of the file /soap.cgi. This manipulation of the argument service causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the publ...

9.8CVSS5.6AI score0.04797EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/31 2:20 a.m.6 views

CVE-2025-9603

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...

9.8CVSS6.8AI score0.07575EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.3 views

CVE-2025-9580

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

8.8CVSS7AI score0.06729EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.4 views

CVE-2025-9584

A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function updateinterfacepng of the file /usr/bin/webmgnt. The manipulation of the argument interface/displayname results in command injection. The attack can be executed remotely. The exploit has been made public and...

6.5CVSS7.1AI score0.08319EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.5 views

CVE-2025-9585

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilithdeletepicfile of the file /usr/bin/webmgnt. This manipulation of the argument portaldeletepicname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly...

6.5CVSS7.1AI score0.05075EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.4 views

CVE-2025-9582

A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntptimezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

9.8CVSS6.8AI score0.05309EPSS
Exploits1References1
Rows per page
Query Builder