332 matches found

Packet Storm, added 3 days ago

📄 dwol 1.0.0 Command Injection

This Python script is a security auditing tool designed to assess a potential unauthenticated command injection vulnerability in dwol. It interacts with the target application's API to register test machines and inject controlled payloads into the host parameter to determine whether arbitrary...

AI score 5.9 | Exploits 0

RedhatCVE, added last week

CVE-2026-36540

Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated command injection via the /cgi-bin/skkset.cgi endpoint. The password and newpwdconfirm POST parameters are passed directly to the underlying OS shell without sanitization. An attacker can inject arbitrary shell commands by...

CVSS 7.3 | AI score 6.1 | EPSS 0.01266 | Exploits 0 | References 1

NVD, added 2026/05/27 6:16 p.m.

CVE-2026-45087

Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, when dalfox is started in REST API server mode dalfox server, the server binds to 0.0.0.0:6664 by default and requires no API key unless the operator explicitly passes --api-key. Because model.Options...

CVSS 10 | EPSS 0.00061 | Exploits 0 | References 2

CNNVD, added 2026/05/17 12:00 a.m.

GitBucket access control error vulnerability

GitBucket is an open-source Git code hosting platform based on Scala. Version 4.23.1 of GitBucket contains an access control vulnerability. It stems from weak secret-token generation and an insecure file upload feature, which may allow unauthenticated attackers ...

CVSS 9.8 | AI score 6.1 | EPSS 0.00199 | Exploits 1 | References 1

EUVD, added 2026/05/14 3:11 p.m.

EUVD-2026-30311

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes its keys directly to ExifTool via the go-exiftool library. No validation is performed on key characters. A \n embedded i...

CVSS 9.8 | AI score 6 | EPSS 0.08768 | Exploits 2 | References 1

CVE, added 2026/05/08 12:21 p.m.

CVE-2026-25077

CVE-2026-25077 affects Apache CloudStack with KVM deployments. Due to missing file name sanitization, account users can register templates for direct download to primary storage, enabling an attacker to execute arbitrary code on KVM hosts. This can compromise resource integrity and confidentialit...

CVSS 8.8 | AI score 6.2 | EPSS 0.00024 | Exploits 0 | References 2 | Affected Software 1

Vulnrichment, added 2026/05/08 12:21 p.m.

CVE-2026-25077 Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates

Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an attacker can register malicious templates to execute arbitrary code on the KVM hosts. This can...

AI score 6.2 | EPSS 0.00024 | Exploits 0 | References 1

Cvelist, added 2026/05/08 12:21 p.m.

CVE-2026-25077 Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates

Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an attacker can register malicious templates to execute arbitrary code on the KVM hosts. This can...

EPSS 0.00024 | Exploits 0 | References 1

Cvelist, added 2026/05/08 11:45 a.m.

CVE-2026-8153 Command injection in Dashboard Server interface

OS command injection in the Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows an unauthenticated attacker to craft commands that execute code on the robot's OS...

CVSS 9.8 | EPSS 0.01532 | Exploits 0 | References 1

Positive Technologies, added 2026/05/08 12:00 a.m.

PT-2026-38670

Name of the Vulnerable Software and Affected Versions: Control Web Panel (CWP) versions prior to 0.9.8.1209. Description: Unauthenticated attackers can inject and execute arbitrary OS commands with root privileges on the web server. This occurs because user input provided through the key GET parameter...

CVSS 7.3 | AI score 6.1 | EPSS 0.32388 | Exploits 3 | References 8

IBM Security Bulletins, added 2026/05/05 4:38 p.m.

Security Bulletin: Vulnerability in IBM's Common Cryptographic Architecture (CCA) (CVE-2025-13375)

Summary: IBM Common Cryptographic Architecture (CCA) is used to interface with the IBM Hardware Security Module (HSM). A security vulnerability exists that has a high confidentiality, integrity and availability impact on the card and consuming applications. Vulnerability Details: CVEID: CVE-2025-13375...

CVSS 9.8 | AI score 6.1 | EPSS 0.00066 | Exploits 0 | Affected Software 3

NVD, added 2026/05/05 2:16 p.m.

CVE-2026-36356

The GoAhead web server on MeiG Smart FORGESLT711 devices firmware MDM9607.LE.1.0-00110-STD.PROD-1 allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint...

CVSS 9.1 | EPSS 0.05786 | Exploits 3 | References 3

CVE, added 2026/05/05 12:00 a.m.

CVE-2026-36356

The CVE-2026-36356 issue affects MeiG Smart FORGE_SLT711 devices running firmware MDM9607.LE.1.0-00110-STD.PROD-1, where the GoAhead web server exposes an unauthenticated /action/SetRemoteAccessCfg endpoint that injects user input into a shell command via sprintf()/system(), enabling arbitrary co...

CVSS 9.1 | AI score 5.8 | EPSS 0.05786 | Exploits 3 | References 3

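The sprintf()/system() shape named in the CVE-2026-36356 entry is the same bug class behind the Netis, CWP and WDR201A entries on this page. The following is an added example, not code from MeiG, GoAhead or any vendor listed here: it shows the vulnerable pattern (untrusted value formatted into a command line that system() hands to /bin/sh) beside a hardened form that allow-list validates the value and passes it as a single argv element to execv(), so no shell ever tokenises it. The parameter name `host`, the iptables command and the binary path are assumptions for illustration only; the real endpoint's parameters are not shown on this page.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
#include <unistd.h>
#include <sys/wait.h>

#define CMD_MAX  256
#define ARGV_MAX 8

/* Vulnerable shape (assumed, not the device's real code): the request value
 * is formatted straight into a command line destined for system(), which
 * runs it through /bin/sh. Fills `out`; returns 0, or -1 on truncation. */
int vulnerable_build_cmd(const char *host, char *out, size_t outsz)
{
    int n = snprintf(out, outsz, "iptables -A INPUT -s %s -j ACCEPT", host);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    /* The firmware would now call system(out). With host = "1.2.3.4; reboot"
     * the shell runs iptables and then reboot. */
    return 0;
}

/* Allow-list check: accept only a dotted-quad IPv4 literal. Shell
 * metacharacters, whitespace, hostnames and IPv6 are all rejected. */
int is_ipv4_literal(const char *s)
{
    int octets = 0;
    while (*s) {
        long v = 0;
        int digits = 0;
        if (!isdigit((unsigned char)*s))
            return 0;
        while (isdigit((unsigned char)*s)) {
            if (++digits > 3)
                return 0;
            v = v * 10 + (*s - '0');
            s++;
        }
        if (v > 255)
            return 0;
        octets++;
        if (*s == '.') {
            s++;
            if (!*s)            /* trailing dot */
                return 0;
        } else if (*s) {
            return 0;           /* any other byte, e.g. ';' or ' ' */
        }
    }
    return octets == 4;
}

/* Hardened shape: validate, then build an argv for execv(). The value is one
 * argv element and never parsed by a shell. Returns argc, or -1 if rejected. */
int hardened_build_argv(const char *host, const char *argv[], int max)
{
    if (max < ARGV_MAX || !is_ipv4_literal(host))
        return -1;
    argv[0] = "/usr/sbin/iptables";    /* assumed path */
    argv[1] = "-A";
    argv[2] = "INPUT";
    argv[3] = "-s";
    argv[4] = host;
    argv[5] = "-j";
    argv[6] = "ACCEPT";
    argv[7] = NULL;
    return 7;
}

/* Runs the hardened argv with fork()+execv(). Returns the child's exit
 * status, or -1 if the input was rejected or the child could not be run. */
int hardened_run(const char *host)
{
    const char *argv[ARGV_MAX];
    int status = 0;
    pid_t pid;
    if (hardened_build_argv(host, argv, ARGV_MAX) < 0)
        return -1;
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execv(argv[0], (char *const *)argv);
        _exit(127);
    }
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    const char *probe = "1.2.3.4; reboot";   /* constructed test input */
    char cmd[CMD_MAX];
    if (vulnerable_build_cmd(probe, cmd, sizeof cmd) == 0)
        printf("vulnerable path would run: sh -c '%s'\n", cmd);
    printf("hardened path on the same input: %s\n",
           hardened_run(probe) == -1 ? "rejected" : "executed");
    return 0;
}
```

The point of the hardened form is not the regex-like check on its own: even a value that passes validation is handed to the kernel as one argv string, so a future relaxation of the allow-list cannot reintroduce shell parsing.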
ATTACKERKB, added 2026/05/05 12:00 a.m.

CVE-2026-36356

The GoAhead web server on MeiG Smart FORGESLT711 devices firmware MDM9607.LE.1.0-00110-STD.PROD-1 allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint...

AI score 5.8 | EPSS 0.05786 | Exploits 3 | References 4

Vulnrichment, added 2026/05/05 12:00 a.m.

CVE-2026-36356

The GoAhead web server on MeiG Smart FORGESLT711 devices firmware MDM9607.LE.1.0-00110-STD.PROD-1 allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint...

AI score 5.8 | EPSS 0.05786 | Exploits 3 | References 3

ATTACKERKB, added 2026/05/04 7:12 p.m.

CVE-2026-41924

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the settime or StartSniffer functions. Attackers can...

CVSS 9.3 | AI score 6.1 | EPSS 0.00298 | Exploits 0 | References 4

Positive Technologies, added 2026/05/04 12:00 a.m.

PT-2026-36911

Name of the Vulnerable Software and Affected Versions: WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02. Description: An OS command injection issue exists in the 'internet.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...

CVSS 9.3 | AI score 6 | EPSS 0.00707 | Exploits 0 | References 7

ATTACKERKB, added 2026/04/23 7:13 p.m.

CVE-2026-41268

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution (RCE) vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

CVSS 7.7 | AI score 7.5 | EPSS 0.01221 | Exploits 1 | References 2 | Affected Software 1

EUVD, added 2026/04/23 12:31 a.m.

EUVD-2026-25136

IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 (TSSC/IMC) could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user-supplied input...

CVSS 7.3 | AI score 6.1 | EPSS 0.00102 | Exploits 0 | References 2

CVE, added 2026/04/22 11:30 p.m.

CVE-2026-5935

CVE-2026-5935 affects IBM Total Storage Service Console (TSSC) / TS4500 IMC versions 9.2–9.6. The IBM advisory documents an OS Command Injection vulnerability (CWE-78) due to improper validation of user input, allowing an unauthenticated user to execute arbitrary commands with normal user privile...

CVSS 9.8 | AI score 6.1 | EPSS 0.00102 | Exploits 0 | References 1 | Affected Software 2