CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Metasploit•added 2026/03/02 6:58 p.m.•209 views

MajorDoMo Supply Chain RCE via Update Poisoning

This module exploits an unauthenticated remote code execution vulnerability in MajorDoMo's saverestore module via supply chain poisoning. The saverestore module's admin method is reachable without authentication through the /objects/?module=saverestore endpoint because usual calls admin directly...

9.8CVSS6.3AI score0.48797EPSS

Exploits4

Packet Storm•added 2026/03/02 12:0 a.m.•126 views

📄 MajorDoMo Supply Chain Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in MajorDoMo's saverestore module via supply chain poisoning. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...

9.8CVSS6.5AI score0.48797EPSS

Exploits4

RedhatCVE•added 2026/02/20 1:22 a.m.•4 views

CVE-2026-27180

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

9.8CVSS6.8AI score0.48797EPSS

Exploits4References1

NVD•added 2026/02/18 10:16 p.m.•5 views

CVE-2026-27180

9.8CVSS0.48797EPSS

Exploits4References3

ATTACKERKB•added 2026/02/18 9:10 p.m.•4 views

CVE-2026-27180

9.8CVSS6.6AI score0.48797EPSS

Exploits4References5

Vulnrichment•added 2026/02/18 9:10 p.m.•3 views

CVE-2026-27180 MajorDoMo Supply Chain Remote Code Execution via Update URL Poisoning

9.8CVSS6.8AI score0.48797EPSS

Exploits4References3

CVE•added 2026/02/18 9:10 p.m.•12 views

CVE-2026-27180

CVE-2026-27180 — MajorDoMo supply chain RCE : Affected MajorDoMo allows unauthenticated remote code execution via a poisoned update URL. The saverestore admin endpoint at /objects/?module=saverestore is exposed because gr('mode') reads from $_REQUEST instead of the framework’s mode, enabling an a...

9.8CVSS6.8AI score0.48797EPSS

Exploits4References3Affected Software1

CNNVD•added 2026/02/18 12:0 a.m.•3 views

MajorDoMo 安全漏洞

MajorDoMo is an open-source DIY smart home automation platform developed by the MajorDoMo community. There is a security vulnerability in MajorDoMo. This vulnerability stems from the saverestore module, which exposes its admin method through the /objects/?module=saverestore endpoint without...

9.8CVSS6.2AI score0.48797EPSS

Exploits4References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by