Lucene search
+L

64 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:19 a.m.8 views

CVE-2024-36060

EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...

8.8CVSS7.7AI score0.01396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:45 p.m.5 views

CVE-2021-40349

e7d Speed Test aka speedtest 0.5.3 allows a path-traversal attack that results in information disclosure via the "GET /.." substring...

5.3CVSS6.5AI score0.0109EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:0 p.m.8 views

CVE-2020-28094

On Tenda AC1200 Model AC6 15.03.06.51multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning...

7.5CVSS7AI score0.01205EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:10 a.m.9 views

CVE-2019-18370

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh...

9.8CVSS7.5AI score0.40295EPSS
Exploits2References1
OSV
OSV
added 2024/11/11 8:15 p.m.5 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

9.8CVSS6AI score0.01068EPSS
Exploits0References1
NVD
NVD
added 2024/11/11 8:15 p.m.28 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

9.8CVSS0.01068EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.36 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

0.01068EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.6 views

EnGenius EWS356-FIT 安全漏洞

The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...

9.8CVSS7.5AI score0.01068EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/11 12:0 a.m.19 views

CVE-2024-36061

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...

8.6AI score0.01068EPSS
Exploits0References1
CVE
CVE
added 2024/11/11 12:0 a.m.58 views

CVE-2024-36061

CVE-2024-36061 affects EnGenius EWS356-FIT devices (versions up to 1.1.30). The vulnerability is a blind OS command injection that lets an attacker execute arbitrary OS commands by injecting shell metacharacters into the Ping and Speed Test utilities. This could lead to full device compromise, de...

9.8CVSS8.3AI score0.01068EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 12:0 a.m.8 views

CVE-2024-36060

EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...

7.7AI score0.01396EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/30 12:0 a.m.8 views

PT-2024-26872 · Engenius · Engenius Enstation5-Ac

Name of the Vulnerable Software and Affected Versions: EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0 Description: The issue allows blind OS command injection via shell metacharacters in the Ping and Speed Test parameters. This can potentially be exploited to execute unauthorized commands on t...

8.8CVSS7.6AI score0.01396EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/30 12:0 a.m.19 views

CVE-2024-36060

EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...

0.01396EPSS
Exploits0References1
CVE
CVE
added 2024/10/30 12:0 a.m.61 views

CVE-2024-36060

CVE-2024-36060 affects EnGenius EnStation5-AC A8J-ENS500AC (version 1.0.0). The vulnerability is a blind OS command injection through shell metacharacters in the Ping and Speed Test parameters. CVSSv3.1 base score is 8.8 (HIGH) with adjacent access, no user interaction, and all impact metrics HIG...

8.8CVSS7.7AI score0.01396EPSS
Exploits0References1
NVD
NVD
added 2024/10/24 8:15 p.m.33 views

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

7.8CVSS0.34662EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.6 views

PT-2024-31500

Name of the Vulnerable Software and Affected Versions EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2 c1.9.51 Description The issue allows for OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During initial setup, the device creates an open unsecured...

7.8CVSS7.7AI score0.34662EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.84 views

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

0.34662EPSS
Exploits0References2
OSV
OSV
added 2024/05/01 6:34 a.m.36 views

CVE-2024-32890 Stored Cross-site Scripting in results JSON API in librespeed/speedtest

librespeed/speedtest is an open source, self-hosted speed test for HTML5. In affected versions missing neutralization of the ISP information in a speedtest result leads to stored Cross-site scripting in the JSON API. The processedString field in the ispinfo parameter is missing neutralization. It...

6.1CVSS6.2AI score0.00523EPSS
Exploits0References5
Kitploit
Kitploit
added 2024/02/21 11:30 a.m.26 views

SpeedyTest - Command-Line Tool For Measuring Internet Speed

SpeedyTest is a powerful command-line tool for measuring internet speed. With its advanced features and intuitive interface, it provides accurate and comprehensive speed test results. Whether you're a network administrator, developer, or simply want to monitor your internet connection, SpeedyTest...

7.4AI score
Exploits0References2
OSV
OSV
added 2023/01/17 6:0 p.m.12 views

GSD-2023-1000693 crypto: tcrypt - Fix multibuffer skcipher speed test mem leak

crypto: tcrypt - Fix multibuffer skcipher speed test mem leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder