EUVD-2022-39776

Malicious code in bioql PyPI...

EUVD-2025-4384

Malicious code in bioql PyPI...

CVE-2025-57105

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub478D28 function in in mngplatform.asp, and sub4A12DC function in wayosacserver.asp of the jhttpd program, with the parameter acmngsrvhost...

CVE-2024-48418

In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands...

CVE-2022-41396

Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain multiple command injection vulnerabilities in the function setIPsecTunnelList via the IPsecLocalNet and IPsecRemoteNet parameters...

CVE-2022-28578

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2025-28145

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via partition in /boafrm/formDiskFormat...

CVE-2025-28142

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare...

CVE-2024-48419

Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access t...

CVE-2023-43130

D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection...

GL.iNet GL-E750 操作系统命令注入漏洞

The GL.iNet GL-E750 is a wireless router from China-based GL.iNet. An operating system command injection vulnerability exists in the GL.iNet GL-E750 prior to version v3.216, which originates from a vulnerability that allows an authenticated attacker to execute arbitrary code via a crafted POST...

TP-LINK Archer AX21 命令注入漏洞

TP-Link Archer AX21 AX1800 is a WIFI6 router from TP-Link.TP-Link Archer AX21 AX1800 suffers from a command injection vulnerability, which stems from unfiltered user input and can be exploited by attackers to construct malicious requests to execute arbitrary commands...

CVE-2022-37057

D-Link Go-RT-AC750 GORTAC750revAv101b03 and GO-RT-AC750revBFWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgimain...

CVE-2022-36460

TOTOLINK A3700R V9.1.2u.6134B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile...

NEC Aterm WF1200CR and Aterm WG1200CR Operating System Command Injection Vulnerability

The NEC Aterm WF1200CR and Aterm WG1200CR are both router products from Nippon Electric NEC. An operating system command injection vulnerability exists in the SOAP interface of the 'UPnP' function in the NEC Aterm WF1200CR with firmware version 1.1.1 and earlier and the Aterm WG1200CR with firmwa...