Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

Cvelist
Cvelistadded 2023/02/23 12:0 a.m.19 views

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root...

9.3AI score0.0383EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/02/23 12:0 a.m.3 views

PT-2023-18890 · Korenix · Korenix Jetwave 4200 Series +1

Name of the Vulnerable Software and Affected Versions: Korenix Jetwave 4200 Series version 1.3.0 Korenix JetWave 3000 Series version 1.6.0 Description: The issue allows for Command Injection via the "/goform/formSysCmd" API endpoint. An attacker can modify the sysCmd parameter to execute commands...

8.8CVSS9.3AI score0.0383EPSS
Exploits1References5
Prion
Prionadded 2020/11/24 9:15 p.m.19 views

Remote code execution

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

10CVSS7.8AI score0.04218EPSS
Exploits1References1Affected Software8
Cvelist
Cvelistadded 2020/11/24 9:1 p.m.21 views

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

9.8AI score0.04218EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2020/11/24 12:0 a.m.48 views

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

10CVSS9.3AI score0.04218EPSS
In wildExploits1References2
OSV
OSVadded 2020/01/27 6:15 p.m.3 views

CVE-2019-19824

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

8.8CVSS7.5AI score0.25135EPSS
Exploits3References5
OSV
OSVadded 2019/01/09 11:29 p.m.1 views

CVE-2018-0626

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter...

7.2CVSS6AI score0.01399EPSS
Exploits0References2
OSV
OSVadded 2018/12/11 9:29 a.m.2 views

CVE-2018-20057

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter...

8.8CVSS6.1AI score0.07396EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2018/12/11 12:0 a.m.4 views

PT-2018-3890 · D Link · D-Link Dir-605L +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06B1 D-Link DIR-605L version 2.12B1 Description: An issue was discovered in the /bin/boa component of D-Link DIR-619L and DIR-605L devices. The goform/formSysCmd endpoint allows remote authenticated users to execute...

9CVSS8.7AI score0.07396EPSS
Exploits1References3
Rows per page
Query Builder