
3866 matches found

Positive Technologies
added 2025/02/27 12:0 a.m. · 3 views

PT-2025-8982

Name of the Vulnerable Software and Affected Versions: Tuoshi/Dionlink LT15D 4G Wi-Fi devices version M7628NNxlSPv2xUI v1.0.1802.10.08 P4; Tuoshi/Dionlink LT21B devices version M7628xUSAxUIv2 v1.0.1481.15.02 P0 Description: An issue allows a remote attacker with network access to exploit a command...

CVSS 9.8 · AI score 8 · EPSS 0.39247
Exploits 0 · References 12

OSV
added 2025/02/24 4:15 a.m. · 4 views

CVE-2025-1616

A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...

CVSS 9.8 · AI score 5.5 · EPSS 0.08744
Exploits 0 · References 3

CVE
added 2025/02/24 1:31 a.m. · 73 views

CVE-2025-1610

LB-LINK AC1900 Router 1.0.2 is affected by an OS command injection in the websGetVar function of /goform/set_blacklist. The vulnerability stems from manipulating the mac/enable parameter, potentially allowing remote exploitation. The CVE is supported by multiple sources (NVD, Red Hat, CVE lists) ...

CVSS 9.8 · AI score 6.8 · EPSS 0.12815
Exploits 1 · References 4 · Affected Software 1

Positive Technologies
added 2025/02/24 12:0 a.m. · 4 views

PT-2025-7699 · Fiberhome · Fiberhome An5506-01A Onu Gpon Rp2511

Name of the Vulnerable Software and Affected Versions: FiberHome AN5506-01A ONU GPON RP2511 affected versions not specified Description: A critical issue has been found in the Diagnosis component of the affected software, where the manipulation of the Destination Address argument leads to os...

CVSS 9.8 · AI score 7.5 · EPSS 0.08744
Exploits 0 · References 8

Positive Technologies
added 2025/02/19 12:0 a.m. · 6 views

PT-2025-6919 · Synway · Synway Smg Gateway Management

Name of the Vulnerable Software and Affected Versions: Synway SMG Gateway Management Software up to 20250204 Description: A critical issue affects the processing of the file 9-12ping.php in Synway SMG Gateway Management Software. The manipulation of the retry argument leads to command injection...

CVSS 7.5 · AI score 7.7 · EPSS 0.0285
Exploits 0 · References 10

CNVD
added 2025/02/18 12:0 a.m. · 6 views

F5 BIG-IP Remote Command Injection Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a remote command injection vulnerability that stems from the application failing to properly filter...

CVSS 9.9 · AI score 7.3 · EPSS 0.00721
Exploits 0 · References 1

VulnCheck KEV
added 2025/02/18 12:0 a.m. · 7 views

VulnCheck KEV: CVE-2024-9916

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

CVSS 9.8 · AI score 5.5 · EPSS 0.73666
Exploits 1 · References 1

Positive Technologies
added 2025/02/12 12:0 a.m. · 6 views

PT-2025-6865 · Unknown · Olajowon Loggrove

Name of the Vulnerable Software and Affected Versions: olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6 Description: A critical vulnerability was found in olajowon Loggrove, affecting an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the...

CVSS 6.5 · AI score 7 · EPSS 0.0145
Exploits 0 · References 6

RedhatCVE
added 2025/02/07 6:3 p.m. · 4 views

CVE-2025-23239

When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not...

CVSS 8.7 · AI score 7.1 · EPSS 0.00721
Exploits 0 · References 3

OSV
added 2025/02/05 6:15 p.m. · 3 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

CVSS 8.7 · AI score 5.6 · EPSS 0.00721
Exploits 0 · References 1

ATTACKERKB
added 2025/02/05 6:15 p.m. · 2 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

CVSS 9.9 · AI score 5.8 · EPSS 0.00721
Exploits 0 · References 2 · Affected Software 1

NVD
added 2025/02/05 6:15 p.m. · 11 views

CVE-2025-23239

When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached E...

CVSS 8.7 · EPSS 0.00721
Exploits 0 · References 1

CVE
added 2025/02/05 5:31 p.m. · 85 views

CVE-2025-23239

CVE-2025-23239 affects BIG-IP iControl REST. In Appliance mode, an authenticated user with high privileges can exploit an undisclosed iControl REST endpoint to execute arbitrary commands, crossing a security boundary. Impact is command injection on the control plane with administrator-like privil...

CVSS 8.7 · AI score 5.8 · EPSS 0.00721
Exploits 0 · References 1 · Affected Software 11

RedhatCVE
added 2025/02/05 1:51 a.m. · 3 views

CVE-2024-11634

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Not applicable to 9.1Rx...

CVSS 9.1 · AI score 8.2 · EPSS 0.01847
Exploits 0 · References 1

Positive Technologies
added 2025/02/05 12:0 a.m. · 3 views

PT-2025-5734

Name of the Vulnerable Software and Affected Versions: iControl versions prior to the fixed version Description: A remote command injection vulnerability exists in an undisclosed iControl REST endpoint when running in Appliance mode. This issue allows an authenticated attacker to cross a security...

CVSS 9.9 · AI score 5.8 · EPSS 0.00721
Exploits 0 · References 11

Vulnrichment
added 2025/02/04 6:13 p.m. · 5 views

CVE-2025-25039 Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on...

CVSS 4.7 · AI score 5.2 · EPSS 0.00587
Exploits 0 · References 1

OSV
added 2025/01/29 2:15 a.m. · 3 views

CVE-2025-0798

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. This issue affects some unknown processing of the file rtscanner of the component Quarantine Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The...

CVSS 9.2 · AI score 5 · EPSS 0.06808
Exploits 1 · References 4

OSV
added 2025/01/17 3:15 p.m. · 3 views

CVE-2025-0528

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVSS 7.2 · AI score 5.7 · EPSS 0.05813
Exploits 1 · References 5

Rockylinux
added 2025/01/11 2:1 a.m. · 12 views

cups security update

An update is available for cups. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The Common UNIX Printing System (CUPS) provides a portable printing layer for Linu...

CVSS 9.8 · AI score 7.8 · EPSS 0.73062
Exploits 5

Tenable Nessus
added 2025/01/11 12:0 a.m. · 19 views

RockyLinux 8 : cups (RLSA-2025:0083)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:0083 advisory. cups: libppd: remote command injection via attacker controlled data in PPD file (CVE-2024-47175). Tenable has extracted the preceding description block directly from...

CVSS 9.8 · AI score 7.3 · EPSS 0.73062
Exploits 5 · References 3