64 matches found
CVE-2024-36060
EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...
CVE-2021-40349
e7d Speed Test aka speedtest 0.5.3 allows a path-traversal attack that results in information disclosure via the "GET /.." substring...
CVE-2020-28094
On Tenda AC1200 Model AC6 15.03.06.51multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning...
CVE-2019-18370
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
EnGenius EWS356-FIT 安全漏洞
The EnGenius EWS356-FIT is an indoor wireless access point from EnGenius. A security vulnerability exists in the EnGenius EWS356-FIT version 1.1.30 and earlier. An attacker can exploit the vulnerability to execute arbitrary operating system commands via shell metacharacters to the Ping and Speed...
CVE-2024-36061
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities...
CVE-2024-36061
CVE-2024-36061 affects EnGenius EWS356-FIT devices (versions up to 1.1.30). The vulnerability is a blind OS command injection that lets an attacker execute arbitrary OS commands by injecting shell metacharacters into the Ping and Speed Test utilities. This could lead to full device compromise, de...
CVE-2024-36060
EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...
PT-2024-26872 · Engenius · Engenius Enstation5-Ac
Name of the Vulnerable Software and Affected Versions: EnGenius EnStation5-AC A8J-ENS500AC version 1.0.0 Description: The issue allows blind OS command injection via shell metacharacters in the Ping and Speed Test parameters. This can potentially be exploited to execute unauthorized commands on t...
CVE-2024-36060
EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters...
CVE-2024-36060
CVE-2024-36060 affects EnGenius EnStation5-AC A8J-ENS500AC (version 1.0.0). The vulnerability is a blind OS command injection through shell metacharacters in the Ping and Speed Test parameters. CVSSv3.1 base score is 8.8 (HIGH) with adjacent access, no user interaction, and all impact metrics HIG...
CVE-2024-45242
EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...
PT-2024-31500
Name of the Vulnerable Software and Affected Versions EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2 c1.9.51 Description The issue allows for OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During initial setup, the device creates an open unsecured...
CVE-2024-45242
EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...
CVE-2024-32890 Stored Cross-site Scripting in results JSON API in librespeed/speedtest
librespeed/speedtest is an open source, self-hosted speed test for HTML5. In affected versions missing neutralization of the ISP information in a speedtest result leads to stored Cross-site scripting in the JSON API. The processedString field in the ispinfo parameter is missing neutralization. It...
SpeedyTest - Command-Line Tool For Measuring Internet Speed
SpeedyTest is a powerful command-line tool for measuring internet speed. With its advanced features and intuitive interface, it provides accurate and comprehensive speed test results. Whether you're a network administrator, developer, or simply want to monitor your internet connection, SpeedyTest...
GSD-2023-1000693 crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
crypto: tcrypt - Fix multibuffer skcipher speed test mem leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...