PT-2026-28507

Name of the Vulnerable Software and Affected Versions nanobot versions prior to 0.1.6 Description An indirect prompt injection exists in the email channel processing module nanobot/channels/email.py. This allows a remote, unauthenticated attacker to execute arbitrary Large Language Model LLM...

CVE-2026-31847

CVE-2026-31847 concerns Nexxt Solutions Nebula 300+ devices running firmware up to 12.01.01.37. A hidden functionality in the /goform/setSysTools endpoint can remotely enable Telnet, which then exposes a privileged diagnostic management interface over the network. This increases attack surface an...

Advantech SUSI 安全漏洞

Advantech SUSI is a set of embedded system interface management tools from Advantech, Taiwan, China. A security vulnerability exists in Advantech SUSI 5.0.24335 and prior versions, which stems from improper access control and could lead to elevation of privilege and arbitrary code execution...

EUVD-2008-6752

Malware in sbrugna...

VulnCheck KEV: CVE-2022-44149

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required...

WogRAT Backdoor Poses Risk to Windows and Linux Users

Summary: WogRAT, a backdoor malware targeting both Windows and Linux, spreads through aNotepad, an online notepad service. It disguises itself as system tools to trick users into downloading it, mainly targeting users in Asia. Users are cautioned to download software from official sources and...

CVE-2023-2476

A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been classified as problematic. Affected is an unknown function of the component Announcement Handler. The manipulation of the argument 系统工具/公告管理 leads to cross site scripting. It is possible to launch the attack remotely. The...

Huawei HarmonyOS 代码问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a serialization and deserialization inconsistency vulnerability in the System Tools cla...

Unspecified Vulnerability in TP-LINK TL-WR841N

The TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N V12 firmware version 3.16.9, which can be exploited by an authenticated, remote attacker to execute arbitrary code via a GET request to the System Tools page of a Wi-Fi...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

CVE-2022-30024

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

Buffer overflow

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841NEUV12160624 and TL-WR841 V11...

TP-LINK TL-WR841N 安全漏洞

The TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N V12 firmware version 3.16.9, which can be exploited by an authenticated, remote attacker to execute arbitrary code via a GET request to the System Tools page of a Wi-Fi...

PT-2022-3664 · Tp Link · Tp-Link Tl-Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions 3.16.9 and earlier Description: A buffer overflow in the httpd daemon allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This...

Halo 跨站脚本漏洞

Halo is a personal blogging system for individual developers. Halo is vulnerable to a cross-site scripting vulnerability that originates in adminindex.html/system/tools and contains a stored cross-site scripting XSS vulnerability. No detailed vulnerability details are available at this time...

CVE-2021-28143

/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute under System Tools...

CVE-2021-28143

/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute under System Tools...

Command injection

/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping, ping6, or traceroute under System Tools...

ALPINE-CVE-2020-6108

An exploitable code execution vulnerability exists in the fsckchkorphannode functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability...