CVE-2025-60550

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone...

EUVD-2005-4347

Malware in sbrugna...

EUVD-2025-24632

Malicious code in bioql PyPI...

EUVD-2025-4120

Malicious code in bioql PyPI...

CVE-2017-18372

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the toolstime.asp page and can be exploited through the...

CVE-2025-22367

The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS...

CVE-2025-22367 Mennekes smart/premium charges systems, Command injection in time setting

The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS...

CVE-2025-25522

Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability...

CVE-2025-25522

Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability...

CVE-2025-25522

Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability...

CVE-2025-25522

CVE-2025-25522 affects Linksys WAP610N v1.0.05.002. The vulnerability is a buffer overflow caused by lack of length verification during the time-setting operation in the device, allowing an attacker with LOCAL access to directly control the remote target and potentially impact confidentiality, in...

NETIS SYSTEMS N3 Operating System Command Injection Vulnerability

NETIS SYSTEMS N3 is a router from NETIS SYSTEMS. A security vulnerability exists in the NETIS SYSTEMS N3 Mv2-V1.0.1.865 version, which stems from a command injection vulnerability that includes the ntpServIP parameter via the time setting...

CVE-2023-27920

Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to alter system date/time of the affected product...

CVE-2023-27920

CVE-2023-27920 concerns an improper access control flaw in the system date/time setting page of Contec SolarView Compact SV-CPT-MC310 (pre-8.10) and SV-CPT-MC310F (pre-8.10). The underlying issue allows a remote authenticated attacker to alter the device’s system date/time. Public documentation a...

Code injection

Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, a...

CVE-2020-7842

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting using ntpServerlp1 parameter for the users. This affects D'live set-top box APWF2429TB v1.1.10...

CVE-2020-7842

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting using ntpServerlp1 parameter for the users. This affects D'live set-top box APWF2429TB v1.1.10...

Input validation

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting using ntpServerlp1 parameter for the users. This affects D'live set-top box APWF2429TB v1.1.10...

CVE-2020-7842 D'live AP command injection vulnerability

Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting using ntpServerlp1 parameter for the users. This affects D'live set-top box APWF2429TB v1.1.10...

CVE-2017-18372

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the toolstime.asp page and can be exploited through the...