3860 matches found
CVE-2026-7705
A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...
EUVD-2026-26843
A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...
CVE-2026-7698
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...
CVE-2026-7698
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...
CVE-2026-7691
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2026-7692
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...
CVE-2026-7692
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...
CVE-2026-7692
The CVE-2026-7692 entry documents a remote command-injection vulnerability in Wavlink WL-WN570HA1 firmware (R70HA1 V1410_221110) affecting the ping_ddns function in /cgi-bin/adm.cgi. The underlying issue is manipulation of the DDNS argument, enabling arbitrary command execution. Public exploit av...
EUVD-2026-26831
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...
CVE-2026-7690
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
EUVD-2026-26830
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2026-7691 Wavlink WL-WN570HA1 adm.cgi set_sys_cmd command injection
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...
CVE-2026-7690
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
CVE-2026-7690
CVE-2026-7690 affects Wavlink WL-WN570HA1 devices (firmware R70HA1 V1410_221110). The vulnerability is in /cgi-bin/adm.cgi set_sys_adm and arises from manipulating the Username parameter to cause remote command injection. Impact is remote, with public exploit availability noted in the source desc...
EUVD-2026-26829
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
CVE-2026-7687
A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parsecallabledetails of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...
CVE-2026-7687
LangFlow (langflow) up to version 1.8.4 is affected by a command-injection vulnerability in CodeParser.parse_callable_details (file src/lfx/src/lfx/custom/code_parser/code_parser.py, component Full Builtins Module Handler). The issue can be triggered remotely and an exploit has been publicly disc...
CVE-2026-7687
A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parsecallabledetails of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...
CVE-2026-7683
A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...
CVE-2026-7682
A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit ha...