CVE-2021-42890

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack...

CVE-2021-31726

Akuvox C315 115.116.2613 allows remote command Injection via the cfgdserver service. The attack vector is sending a payload to port 189 default root 0.0.0.0...

CVE-2021-28961

applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests...

CVE-2021-34416

The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom on-premise Virtual Room...

CVE-2020-26878

Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API /service/v1/createUser endpoint, injecting arbitrary commands that will be executed as root user via web.py...

CVE-2025-32813

An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur...

CVE-2025-32813

An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur...

CVE-2019-5390

A remote command injection vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2019-16057

The loginmgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection...

CVE-2017-8051

Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tnsappliancesessionuser parameter, a remote attacker can inject arbitrary commands...

CVE-2014-10075

The karo gem 2.3.8 for Ruby allows Remote command injection via the host field...

CVE-2013-7380

The Etherpad Lite epimageconvert Plugin has a Remote Command Injection Vulnerability...

CVE-2025-32813

Infoblox NetMRI

CVE-2025-5000

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...

CVE-2025-4999

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicantrndiden leads to...

CVE-2025-4851

A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390B20191101. This vulnerability affects the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack can be initiated remotely. The explo...

CVE-2025-4850

A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390B20191101. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname leads to command injection. It is possible to initiate the attack remotely. The...

CVE-2025-4443

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub454F2C. The manipulation of the argument sysCmd leads to command injection. The attack may be initiated remotely. The vendor was contacted early about this disclosure. This...

CVE-2025-4445

A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wakeonlan. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure. This...

The vulnerability of the iControl REST component of the access control and remote authentication solution for BIG-IP allows a perpetrator to inject arbitrary commands.

The vulnerability of the iControl REST component of the access control and remote authentication solution for BIG-IP is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to inject arbitrary commands remotely...