Lucene search
K

18 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.8 views

Altice Labs GR140DG和Altice Labs GR140IG 安全漏洞

Both Altice Labs GR140DG and Altice Labs GR140IG are fiber-optic access gateway devices from the Portuguese company Altice Labs. Both devices have security vulnerabilities. The vulnerability stems from the traceroute diagnostic handler in /bin/httpdclientside, which allows uncleaned user input to...

8.8CVSS6.1AI score0.01275EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 8:16 a.m.7 views

CVE-2026-28774

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

9.3CVSS0.02432EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.9 views

PT-2026-22876

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 Description An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility. An authenticated...

9.3CVSS6.2AI score0.02432EPSS
Exploits1References7
OSV
OSV
added 2025/12/05 5:16 p.m.5 views

CVE-2025-14093

A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...

9.8CVSS5.7AI score0.17632EPSS
Exploits1References4
NVD
NVD
added 2025/12/05 5:16 p.m.8 views

CVE-2025-14093

A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...

9.8CVSS0.17632EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/05 4:32 p.m.3 views

CVE-2025-14093 Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection

A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...

5.8CVSS6.6AI score0.17632EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/05 4:32 p.m.5 views

EUVD-2025-201448

A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...

5.8CVSS6.5AI score0.17632EPSS
Exploits1References5
CVE
CVE
added 2025/12/05 4:32 p.m.11 views

CVE-2025-14093

Edimax BR-6478AC V3 firmware 1.0.15 contains an os command injection in sub_416990 of /boafrm/formTracerouteDiagnosticRun, triggered by manipulating the host argument. It is exploitable remotely and the exploit is public. Red Hat notes vendor non-response; PT Security and others corroborate the i...

9.8CVSS6.6AI score0.17632EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49262

Name of the Vulnerable Software and Affected Versions Edimax BR-6478AC V3 version 1.0.15 Description A flaw exists in the Edimax BR-6478AC V3 version 1.0.15. The sub 416990 function within the /boafrm/formTracerouteDiagnosticRun file is susceptible to os command injection due to manipulation of t...

9.8CVSS5.2AI score0.17632EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Edimax BR-6478AC 操作系统命令注入漏洞

Edimax BR-6478AC is a dual-band gigabit router from China Xunzhou Edimax. An OS command injection vulnerability exists in the Edimax BR-6478AC V3 version 1.0.15, which stems from the incorrect operation of the parameter host in the file /boafrm/formTracerouteDiagnosticRun, which could lead to os...

9.8CVSS5.5AI score0.17632EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/11/19 12:10 a.m.7 views

CVE-2025-13305

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched...

9.8CVSS7.1AI score0.03258EPSS
Exploits1References1
OSV
OSV
added 2025/11/17 11:15 p.m.5 views

CVE-2025-13305

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched...

9.8CVSS6.4AI score0.03258EPSS
Exploits1References9
NVD
NVD
added 2025/11/17 11:15 p.m.7 views

CVE-2025-13305

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched...

9.8CVSS0.03258EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/11/17 11:2 p.m.3 views

CVE-2025-13305 D-Link DWR-M920/DWR-M921/DWR-M960/DIR-822K/DIR-825M formTracerouteDiagnosticRun buffer overflow

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched...

9CVSS8.8AI score0.03258EPSS
Exploits1References9
EUVD
EUVD
added 2025/11/17 11:2 p.m.6 views

EUVD-2025-197882

A weakness has been identified in D-Link DWR-M920, DWR-M921, DWR-M960, DIR-822K and DIR-825M 1.01.07. This issue affects some unknown processing of the file /boafrm/formTracerouteDiagnosticRun. Executing manipulation of the argument host can lead to buffer overflow. The attack may be launched...

9CVSS6.7AI score0.03258EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/11/17 12:0 a.m.3 views

D-Link多款产品 安全漏洞

D-Link DWR-M920 and others are a router from China-based AUO D-Link. A security vulnerability exists in various D-Link products, which stems from incorrect manipulation of the parameter host in the file /boafrm/formTracerouteDiagnosticRun, which may result in a buffer overflow. The following...

9.8CVSS9AI score0.03258EPSS
Exploits1References10
CNVD
CNVD
added 2020/03/06 12:0 a.m.4 views

Comtrend VR-3033 Command Injection Vulnerability

The Comtrend VR-3033 is a high power 802.11n 300Mbps single line VDSL router. The Comtrend VR-3033 DE11-416SSG-C01R02.A2pvI042j1.d26m suffers from a command injection vulnerability. A remote authenticated attacker could exploit this vulnerability via the ping and traceroute diagnostic pages to ta...

9CVSS7.4AI score0.77282EPSS
Exploits3References1
OSV
OSV
added 2020/03/05 3:15 p.m.5 views

CVE-2020-10173

Comtrend VR-3033 DE11-416SSG-C01R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi...

8.8CVSS7.3AI score0.77282EPSS
Exploits3References1
Rows per page
Query Builder