CVE-2026-22761

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

EUVD-2026-24503

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799 Comfast CF-N1-S Endpoint mbox-config command injection

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6799

CVE-2026-6799 affects Comfast CF-N1-S (firmware 2.6.0.1). The issue is a command injection in the Endpoint component via /cgi-bin/mbox-config?method=SET&section=ping_config, caused by manipulating the destination argument. The vulnerability is exploitable remotely; exploit exists as per descripti...

CVE-2026-6799

A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Endpoint. Performing a manipulation of the argument destination results in command injection. The...

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

EUVD-2026-23879

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker...

CVE-2026-22761

Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...

CVE-2026-23774

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker...

CVE-2026-3518 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'killsession' command...

Dell PowerProtect Data Domain（Dell PowerProtect DD） 安全漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There are security vulnerabilities in versions 8.5 to 8.6 of the Dell PowerProtect Data Domain. These...

PT-2026-33799

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.20 Dell PowerProtect Data Domain versions 7.13.1.0 through 7.13.1.60 Description An OS command injection issue exists where...

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

PT-2026-33641

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...

CVE-2026-6483

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-6483

CVE-2026-6483 affects Wavlink WL-WN530H4 (firmware 20220721). The flaw is in the strcat/snprintf usage in /cgi-bin/internet.cgi, enabling remote, unauthenticated command injection with high impact (confidentiality, integrity, availability). Exploitation is feasible over the network; public exploi...

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

EUVD-2026-23396

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.50, contain a command injection vulnerability. A high privileged attacker with...