CVE-2019-11416

A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user...

EUVD-2019-3091

Malware in sbrugna...

EUVD-2019-9583

Malware in sbrugna...

EUVD-2019-13056

Malware in sbrugna...

Aztech DSL5005EN 安全漏洞

The Aztech DSL5005EN is a wireless router from Aztech. A security vulnerability exists in the Aztech DSL5005EN version 1.00.AZ2013-05-10, which originates from an unauthenticated attacker being able to change the administrator password via a specially crafted POST request, which could result in...

CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /startapply.htm POST data, there is a command injection issue via shell metacharacters in the fbemail parameter. By using this issue, an attacker can control the router and get shell...

ASUS AiCloud 安全漏洞

ASUS AiCloud is a router control program from Asus China. A security vulnerability exists in ASUS AiCloud that stems from the presence of incorrect input insertion, which could lead to arbitrary command execution...

ASUS AiCloud 安全漏洞

ASUS AiCloud is a router control program from Asus China. A security vulnerability exists in ASUS AiCloud. An attacker could execute arbitrary commands by exploiting the vulnerability...

TOTOLINK X5000r Command Injection Vulnerability

The TOTOLINK X5000r is a wireless router manufactured by TOTOLINK. TOTOLINK X5000r has a command injection vulnerability in version 9.1.0cu.2350b20230313. The vulnerability arises because the setAccessDeviceCfg function within the /cgi-bin/cstecgi.cgi file fails to properly validate or clean up...

Netis MW5360 Remote Command Execution Exploit

The Netis MW5360 router has a command injection vulnerability via the password parameter on the login page. The vulnerability stems from improper handling of the "password" parameter within the router's web interface. The router's login page authorization can be bypassed by simply deleting the...

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...

CVE-2024-22246

VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...

PT-2024-2561 · Vmware · Vmware Sd-Wan Edge

Name of the Vulnerable Software and Affected Versions: VMware SD-WAN Edge affected versions not specified Description: The issue is related to an unauthenticated command injection vulnerability in the VMware SD-WAN Edge, potentially leading to remote code execution. A malicious actor with local...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE is an operating system developed by Cisco for its network devices.Web UI is a feature of IOS XE software designed to simplify the deployment, management process, and enhance the user experience. The Cisco IOS XE Software web UI elevation of privilege vulnerability can be exploited by...

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic...

Binary Vulnerability in ISP Version of Soft Route for Shenzhen Baiwei Tongda Technology Co.

Shenzhen Baiwei Tongda Technology Co., Ltd. is committed to providing leading network solutions for Internet cafes, neighborhoods, hotels, businesses, and public Internet access places. A binary vulnerability exists in the ISP version of the soft router of Shenzhen BWT Technology Co. An attacker...

CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /startapply.htm POST data, there is a command injection issue via shell metacharacters in the fbemail parameter. By using this issue, an attacker can control the router and get shell...

CVE-2018-20334

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /startapply.htm POST data, there is a command injection issue via shell metacharacters in the fbemail parameter. By using this issue, an attacker can control the router and get shell...

CVE-2019-20004

An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router...