Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

46 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-27395

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.02257EPSS
Exploits1References2
OSV
OSVadded 2025/06/20 7:15 p.m.0 views

CVE-2025-34029

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell...

8.8CVSS6.2AI score0.05352EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEVadded 2025/06/20 12:0 a.m.1 views

VulnCheck KEV: CVE-2025-34029

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell...

9.4CVSS6AI score0.05352EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 3:42 a.m.4 views

CVE-2023-30404

Aigital Wireless-N Repeater MiniRouter v0.131229 was discovered to contain a remote code execution RCE vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request...

9.8CVSS8.3AI score0.14649EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:27 a.m.2 views

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

10CVSS7.5AI score0.07369EPSS
Exploits1References1
CNVD
CNVDadded 2025/05/20 12:0 a.m.1 views

D-Link DIR-605L sysCmd Parameter Command Injection Vulnerability

The D-Link DIR-605L is a wireless router from China's AUO D-Link. The D-Link DIR-605L suffers from a command injection vulnerability that stems from the parameter sysCmd failing to properly filter constructed command special characters, commands, and so on. No details of the vulnerability are...

9.8CVSS9.1AI score0.01744EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/05/08 12:0 a.m.1 views

D-Link DIR-605L 安全漏洞

The D-Link DIR-605L is a wireless router from China's AUO D-Link. The D-Link DIR-605L suffers from a command injection vulnerability that stems from the parameter sysCmd failing to properly filter constructed command special characters, commands, and so on. No details of the vulnerability are...

9.8CVSS7.6AI score0.01744EPSS
Exploits0References2
NVD
NVDadded 2023/04/26 12:15 a.m.5 views

CVE-2023-30404

Aigital Wireless-N Repeater MiniRouter v0.131229 was discovered to contain a remote code execution RCE vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request...

9.8CVSS9.8AI score0.14649EPSS
Exploits1References2
CVE
CVEadded 2023/04/25 12:0 a.m.43 views

CVE-2023-30404

CVE-2023-30404 affects Aigital Wireless-N Repeater Mini_Router v0.131229. The issue is a remote code execution (RCE) in the formSysCmd function, exploitable via the sysCmd parameter and a crafted HTTP request. Connected sources confirm the vulnerable component is the formSysCmd/sysCmd pathway, wi...

9.8CVSS9.7AI score0.14649EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2023/04/25 12:0 a.m.2 views

PT-2023-22675 · Aigital · Aigital Wireless-N Repeater Mini Router

Name of the Vulnerable Software and Affected Versions: Aigital Wireless-N Repeater Mini Router version 0.131229 Description: The issue is a remote code execution vulnerability that can be exploited via a crafted HTTP request. It affects the formSysCmd function through the sysCmd parameter. There ...

9.8CVSS9.5AI score0.14649EPSS
Exploits1References6
Cvelist
Cvelistadded 2023/02/23 12:0 a.m.13 views

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root...

9.3AI score0.02257EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2023/02/23 12:0 a.m.3 views

PT-2023-18890 · Korenix · Korenix Jetwave 4200 Series +1

Name of the Vulnerable Software and Affected Versions: Korenix Jetwave 4200 Series version 1.3.0 Korenix JetWave 3000 Series version 1.6.0 Description: The issue allows for Command Injection via the "/goform/formSysCmd" API endpoint. An attacker can modify the sysCmd parameter to execute commands...

8.8CVSS9.3AI score0.02257EPSS
Exploits1References5
OSV
OSVadded 2022/11/30 2:15 p.m.0 views

CVE-2021-4242

A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to t...

8.8CVSS5.5AI score0.11515EPSS
Exploits1References3
NVD
NVDadded 2021/08/06 2:15 p.m.8 views

CVE-2021-36706

In ProLink PRC2402M V1.0.18 and older, the setsyscmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system...

9.8CVSS0.13082EPSS
Exploits1References1
Prion
Prionadded 2020/11/24 9:15 p.m.18 views

Remote code execution

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

10CVSS7.8AI score0.07369EPSS
Exploits1References1Affected Software8
Cvelist
Cvelistadded 2020/11/24 9:1 p.m.12 views

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter...

9.8AI score0.07369EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2020/11/24 12:0 a.m.47 views

CVE-2015-9551

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

10CVSS9.3AI score0.07369EPSS
In wildExploits1References2
OSV
OSVadded 2020/01/27 6:15 p.m.2 views

CVE-2019-19824

On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...

8.8CVSS7.5AI score0.89527EPSS
Exploits3References5
NVD
NVDadded 2019/01/09 11:29 p.m.12 views

CVE-2018-0626

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter...

9CVSS7.3AI score0.00669EPSS
Exploits0References2
Prion
Prionadded 2019/01/09 11:29 p.m.10 views

Design/Logic Flaw

Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter...

9CVSS7.2AI score0.00669EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder