Smartbedded Meteobridge Command Injection Vulnerability

Smartbedded Meteobridge contains a command injection vulnerability that could allow remote unauthenticated attackers to gain arbitrary command execution with elevated privileges root on affected devices...

CVE-2025-20338

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...

CVE-2025-20338

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...

CVE-2025-20338

CVE-2025-20338 affects Cisco IOS XE Software CLI. The root cause is insufficient validation of user-supplied arguments passed to specific CLI commands, allowing an authenticated administrator (level 15) to craft CLI input that can execute arbitrary commands as root on the device. According to Cis...

CVE-2025-20334

Cisco IOS XE Software HTTP API Command Injection vulnerability (CVE-2025-20334) in the HTTP API subsystem allows an attacker to execute commands with root privileges due to insufficient input validation. A remote attacker with administrative privileges can exploit via an API call with crafted inp...

PT-2025-39306

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the Command Line Interface CLI of Cisco IOS XE Software that could allow a local attacker with administrative privileges to execute arbitrary commands as root o...

PT-2025-39305

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the HTTP API subsystem of Cisco IOS XE Software that may allow a remote attacker to inject commands that will execute with root privileges on the underlying...

CVE-2025-37123

A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on...

PT-2025-38086

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN Gateways affected versions not specified Description: A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run...

CVE-2025-10365 Authentication Bypass in Evertz SDVN

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management interface on port 80. This web management interface can be used by administrators to control product features, setup network switching, and register license among...

D-Link DIR-868L 安全漏洞

The D-Link DIR-868L is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-868L B1 FW2.05WWB02 version, which originates from an unauthenticated OS command injection in the fileaccess.cgi component, which could lead to the execution of arbitrary comman...

SUSE CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

CVE-2010-20103

The CVE-2010-20103 issue concerns ProFTPD 1.3.3c, where a backdoor was embedded in the official source tarball (distributed between 2010-11-28 and 2010-12-02). The backdoor provides a hidden FTP command trigger allowing remote, unauthenticated attackers to execute arbitrary shell commands with ro...

VulnCheck KEV: CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows...

CVE-2025-20237

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...

CVE-2025-20306

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...

CVE-2025-20238

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...

CVE-2025-43984

An issue was discovered on KuWFi GC111 devices Hardware Version: CPE-LM321V3.2, Software Version: GC111-GL-LM321V3.020191211. They are vulnerable to unauthenticated /goform/goformsetcmdprocess requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary...

CVE-2025-20306

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...