10 matches found
CVE-2026-1741
A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...
CVE-2026-1741
A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...
CVE-2026-1741
A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpconchecksessionurl of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...
CVE-2026-1741
The following sources document CVE-2026-1741 affecting EFM ipTIME A8004T 14.18.2. The vulnerability concerns the Debug Interface component, specifically the httpcon_check_session_url function in /sess-bin/d.cgi. The described flaw allows manipulation of the cmd argument to trigger a backdoor, wit...
PT-2026-5600
A vulnerability was determined in EFM ipTIME A8004T 14.18.2. Affected is the function httpcon check session url of the file /sess-bin/d.cgi of the component Debug Interface. This manipulation of the argument cmd causes backdoor. It is possible to initiate the attack remotely. The complexity of an...
EFM ipTIME A8004T 安全漏洞
The EFM ipTIME A8004T is a wireless router produced by the South Korean company EFM. The EFM ipTIME A8004T version 14.18.2 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter cmd in the function httpconchecksessionurl located in the /sess-bin/d.cgi...
EFM ipTIME A8004T 授权问题漏洞
The EFM ipTIME A8004T is a wireless router produced by the South Korean company EFM. The version 14.18.2 of the EFM ipTIME A8004T contains an authorization vulnerability. This vulnerability stems from incorrect operations on the function httpconchecksessionurl in the file/cgi/timepro.cgi, which m...
CVE-2024-56083
Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomlygeneratedstring.devinapps.com URL aka the VSCode live share URL for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a...
CVE-2024-56083
Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomlygeneratedstring.devinapps.com URL aka the VSCode live share URL for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a...
CVE-2024-56083
The CVE-2024-56083 entry concerns Cognition Devin prior to 2024-12-12, where an attacker who discovers the VSCode Live Share URL used for a specific "Use Devin's Machine" session can obtain write access to the code. Affected component is Devin’s live‑share workflow; the underlying issue is URL‑le...