Lucene search
K

21 matches found

CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

Shibby Tomato 操作系统命令注入漏洞

Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the startvpnserver function in the /sbin/rc file within the Web UI...

8.6CVSS7.2AI score0.02635EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-29217

Malware in sbrugna...

8.8CVSS8.7AI score0.00629EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-27250

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00787EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-48626

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.28662EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/17 12:50 a.m.13 views

CVE-2025-52379

Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/umfileNameset.cgi and /web/umwebupgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated...

5.4CVSS8.9AI score0.09684EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the fromRouteStatic function in the microprogramming software for wireless Wi-Fi routers Tenda W30E allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the fromRouteStatic function in the microprogramming software for Tenda W30E wireless routers involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

10CVSS8.3AI score0.00966EPSS
Exploits1References4
Metasploit
Metasploit
added 2025/01/08 6:55 p.m.554 views

Netis Router Exploit Chain Reactor (CVE-2024-48455, CVE-2024-48456 and CVE-2024-48457).

Several Netis Routers including rebranded routers from GLCtec and Stonet suffer from a command injection vulnerability at the change admin password page of the router web interface see CVE-2024-48456 for more details. The vulnerability stems from improper handling of the 'password' and 'new...

2.7CVSS7.9AI score0.06356EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.7 views

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software, related to permission processing errors, allows a intruder to gain unauthorized access to protected information.

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.5AI score0.00338EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.7 views

The vulnerability of the cancelPing function in D-Link DIR-820L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the cancelPing function in D-Link DIR-820L router microprogramming software arises due to overflow in the stack buffer. Exploiting this vulnerability can allow an attacker operating remotely to execute arbitrary code...

10CVSS8.1AI score0.01051EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.13 views

The vulnerability of D-Link DSL-3782 router’s microprogramming software allows a hacker to bypass the authentication process and gain access to confidential information.

The vulnerability of the D-Link DSL-3782 router’s microprogramming software is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain access to confidential information through a specially crafted...

10CVSS7.7AI score0.13282EPSS
Exploits5References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.12 views

The vulnerabilities of D-Link DIR-550A and DIR-604M router microprogramming software allow attackers to enhance their privileges.

The vulnerability of D-Link DIR-550A and DIR-604M router microprogramming software is related to insecure resource initialization. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

9CVSS7.8AI score0.01776EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/05/17 12:0 a.m.10 views

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-2640-US router microsoftware allows a attacker to execute arbitrary code.

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-2640-US router microprogramming software is related to the lack of measures to sanitize input data during the processing of the LocalIPAddress parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrar...

7.4CVSS7.1AI score0.01796EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/03/16 12:0 a.m.20 views

CVE-2023-23150

SA-WR915ND router firmware v17.35.1 was discovered to be vulnerable to code execution...

9.9AI score0.00787EPSS
Exploits0References2
Prion
Prion
added 2023/01/31 6:15 p.m.14 views

Improper access control

COMFAST Shenzhen Sihai Zhonglian Network Technology Co., Ltd CF-WR623N Router firmware V2.3.0.1 is vulnerable to Incorrect Access Control...

7.5CVSS9.4AI score0.00621EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/23 12:0 a.m.7 views

The vulnerability of Trendnet TEW-831DR router microprogramming software, related to the use of a rigidly encrypted cryptographic key, allows a hacker to obtain the encryption key.

The vulnerability of Trendnet TEW-831DR router microprogramming software is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability can allow an attacker operating remotely to obtain the encryption key...

9.3CVSS6.5AI score0.00437EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.7 views

The vulnerability of the implementation of the genacgi_main() function in D-Link DIR-859 router microprogramming software allows a hacker to cause a service failure.

The vulnerability of the genacgimain function implementation in D-Link DIR-859 router microprogramming software is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by executing the /gena.cgi...

6.3CVSS6.3AI score0.08588EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.6 views

The vulnerability of NETGEAR XR1000 Wi-Fi routers’ microprogramming software, related to the use of pre-installed credentials, allows a intruder to gain unauthorized access to protected information.

The vulnerability of NETGEAR XR1000 Wi-Fi routers’ microprogramming software relates to the use of pre-installed credentials. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.1CVSS7.6AI score0.0085EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.6 views

The vulnerability of NETGEAR D7000 Wi-Fi routers’ microprogramming software, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of NETGEAR D7000 Wi-Fi routers’ microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

9.7CVSS7.7AI score0.01561EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/15 12:0 a.m.6 views

The vulnerability of the SetWizardConfig function in D-Link DIR-846 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the SetWizardConfig function in D-Link DIR-846 router microprogramming software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created request /HNAP1/...

10CVSS8.1AI score0.03557EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/01/20 12:0 a.m.3 views

The vulnerability of Cisco Small Business RV016, RV042, RV042G, and RV082 router microprogramming software lies in the presence of embedded authentication data (a static H.509 certificate), which allows attackers to escalate their privileges.

The vulnerability of Cisco Small Business RV016, RV042, RV042G, and RV082 router microprogramming software is related to the presence of embedded authentication data static certificate H.509. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

10CVSS5.5AI score
Exploits0References1Affected Software4
Rows per page
Query Builder