Lucene search
+L

13 matches found

cvelist
cvelist
added 2026/06/29 7:0 a.m.34 views

CVE-2026-13545 D-Link DCS-935L POST Parameter setconf.cgi sub_400E40 os command injection

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS0.02706EPSS
Exploits1References6
redhatcve
redhatcve
added 2025/12/10 9:16 p.m.4 views

CVE-2021-47709

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

8.7CVSS7AI score0.00306EPSS
Exploits0References1
euvd
euvd
added 2025/12/09 9:31 p.m.11 views

EUVD-2021-34730

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

8.7CVSS6.5AI score0.00306EPSS
Exploits0References5
nvd
nvd
added 2025/12/09 9:15 p.m.6 views

CVE-2021-47709

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

8.7CVSS0.00306EPSS
Exploits0References4
cvelist
cvelist
added 2025/12/09 8:39 p.m.20 views

CVE-2021-47709 COMMAX Smart Home Ruvie CCTV Bridge DVR Service Config Write / DoS

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

8.7CVSS0.00306EPSS
Exploits0References4
cve
cve
added 2025/12/09 8:39 p.m.15 views

CVE-2021-47709

CVE-2021-47709 (COMMAX Smart Home System) : An unauthenticated attacker can change configuration and trigger denial-of-service by sending a malformed request to the setconf endpoint. The impact is a network-accessible DoS with high severity (CVSS 4.0 base 8.7, AV:N/AC:L/PR:N/UI:N/VI:N/VC:N/VA:H/S...

8.7CVSS6.6AI score0.00306EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/12/09 8:39 p.m.4 views

CVE-2021-47709 COMMAX Smart Home Ruvie CCTV Bridge DVR Service Config Write / DoS

COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint...

8.7CVSS6.6AI score0.00306EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/12/09 12:0 a.m.5 views

COMMAX Smart Home System 访问控制错误漏洞

COMMAX Smart Home System is a smart home system from COMMAX Corporation in South Korea. An access control error vulnerability exists in the COMMAX Smart Home System that stems from a configuration modification issue in the setconf endpoint that could lead to a denial of service...

8.7CVSS6.6AI score0.00306EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/12/09 12:0 a.m.5 views

PT-2025-50239

Name of the Vulnerable Software and Affected Versions COMMAX Smart Home System affected versions not specified Description An unauthenticated attacker can alter configurations and disrupt service. This is achieved by sending a crafted request to the setconf API endpoint. An attacker can initiate ...

8.7CVSS6.5AI score0.00306EPSS
Exploits0References6
osv
osv
added 2025/01/17 5:15 p.m.3 views

CVE-2024-26153

All versions of ETIC Telecom Remote Access Server RAS prior to 4.9.19 are vulnerable to cross-site request forgery CSRF. An external attacker with no access to the device can force the end user into submitting a "setconf" method request, not requiring any CSRF token, which can lead into denial of...

6.3CVSS5.7AI score0.0017EPSS
Exploits0References1
redhat
redhat
added 2024/08/01 7:52 a.m.7 views

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

7CVSS6.9AI score0.00767EPSS
Exploits0References6
redhat
redhat
added 2024/03/12 12:48 a.m.3 views

kernel: GSM multiplexing race condition leads to privilege escalation

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

7CVSS6.9AI score0.00767EPSS
Exploits0References6
osv
osv
added 2023/12/21 8:15 p.m.14 views

AZL-32284 CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsmdlci while restarting th...

7CVSS6.6AI score0.00767EPSS
Exploits0References1
Rows per page
Query Builder