Lucene search
K

355 matches found

CNNVD
CNNVD
added 2025/11/13 12:0 a.m.4 views

Linksys E1200 安全漏洞

The Linksys E1200 is a router from Linksys USA. The Linksys E1200 suffers from a command injection vulnerability that can be exploited by an attacker to execute arbitrary commands on the device...

5.4CVSS8AI score0.07886EPSS
Exploits1References4
CVE
CVE
added 2025/11/13 12:0 a.m.16 views

CVE-2025-60673

CVE-2025-60673 describes an unauthenticated command-injection vulnerability in the D-Link DIR-878A1 router, firmware FW101B04.bin. The flaw exists in SetDMZSettings where the IPAddress parameter in prog.cgi is stored in NVRAM and later used by librcm.so to build iptables commands executed via tws...

6.5CVSS7.8AI score0.0345EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.9 views

PT-2025-46857

An unauthenticated command injection vulnerability exists in the Start EPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200 v2.0.11.001 us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wl ant, wl ssid, wl rate, ttcp num, ttcp ip, ttcp size are...

8.5AI score0.07886EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/13 12:0 a.m.20 views

CVE-2025-60672

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

0.03549EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/07 5:55 a.m.4 views

CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection

Overview CLUSTERPRO X and EXPRESSCLUSTER X provided by NEC Corporation contain the following vulnerability. OS command injection CWE-78 - CVE-2025-11546 NEC Corporation reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and NEC Corporation coordinated under...

9.8CVSS7.4AI score0.00448EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/07 1:9 a.m.7 views

CVE-2025-11546

CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and EXPRESSCLUSTER X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, CLUSTERPRO X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2, EXPRESSCLUSTER X SingleServerSafe for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 allows an attacker sends...

9.3CVSS0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 7:58 p.m.6 views

CVE-2022-50596 D-Link DIR-1260 <= v1.20B05 GetDeviceSettings Unauthenticated Command Injection

D-Link DIR-1260 Wi-Fi router firmware versions up to and including v1.20B05 contain a command injection vulnerability within the web management interface that allows for unauthenticated attackers to execute arbitrary commands on the device with root privileges. The flaw specifically exists within...

9.3CVSS7.6AI score0.04115EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.7 views

CVE-2016-15048

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

10CVSS8.2AI score0.07163EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.6 views

EUVD-2016-10793

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

10CVSS7.7AI score0.07163EPSS
Exploits2References6
Cvelist
Cvelist
added 2025/10/22 2:21 p.m.13 views

CVE-2016-15048 AMTT HiBOS Command Injection RCE via server_ping.php

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

10CVSS0.07163EPSS
Exploits2References5
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.10 views

AMTT Hotel Broadband Operation System 安全漏洞

AMTT Hotel Broadband Operation System is a hotel broadband operation system from China-based AmTech Century AMTT. A security vulnerability exists in the AMTT Hotel Broadband Operation System, which originates from an unauthenticated command injection in the /manager/radius/serverping.php endpoint...

10CVSS7.6AI score0.07163EPSS
Exploits2References6
VulnCheck KEV
VulnCheck KEV
added 2025/10/22 12:0 a.m.12 views

VulnCheck KEV: CVE-2016-15048

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

10CVSS6.1AI score0.07163EPSS
In wildExploits2References3
RedhatCVE
RedhatCVE
added 2025/10/17 6:44 p.m.16 views

CVE-2025-34513

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection vulnerability in mbusbuildfromcsv.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

9.8CVSS8.3AI score0.07616EPSS
Exploits3References1
CVE
CVE
added 2025/10/16 5:53 p.m.16 views

CVE-2025-34513

Ilevia EVE X1 Server firmware ≤ 4.7.18.0.eden contains a pre-authentication OS command injection in mbus_build_from_csv.php (/ajax/php/mbus_build_from_csv.php), allowing unauthenticated code execution. Multiple sources (NVD, Red Hat CVE page, CIRCL, ZSL) confirm unauthenticated remote command exe...

9.8CVSS7.9AI score0.07616EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2025/10/16 12:0 a.m.149 views

📄 Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Remote Command Injection

Ilevia EVE X1 Server versions 4.7.18.0.eden and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the mbusfile and mbuscsv HTTP POST parameters through the /ajax/php/mbusbuildfromcsv.php script...

9.8CVSS8.4AI score0.07616EPSS
Exploits3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-5304

Malware in sbrugna...

9.3CVSS6.4AI score0.00953EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-15270

Malware in sbrugna...

9.8CVSS9.5AI score0.01679EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2012-6587

Malware in sbrugna...

9.3CVSS6.3AI score0.02929EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-6592

Malware in sbrugna...

9.3CVSS6.3AI score0.02848EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8947

Malware in sbrugna...

9.8CVSS9.5AI score0.01969EPSS
Exploits0References2
Rows per page
Query Builder