Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-28886

Malicious code in bioql PyPI...

8.1CVSS8.1AI score0.00472EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.4 views

PT-2023-3606 · Zyxel · Zyxel Usg Flex Series +4

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 5.10 through 5.36 Patch 2 Zyxel USG FLEX series versions 5.00 through 5.36 Patch 2 Zyxel USG FLEX 50W series versions 5.10 through 5.36 Patch 2 Zyxel USG20W-VPN series versions 5.10 through 5.36 Patch 2 Zyxel VPN...

8.8CVSS8.8AI score0.00303EPSS
Exploits0References6
CNVD
CNVD
added 2022/04/08 12:0 a.m.32 views

D-Link DIR-878 Command Injection Vulnerability (CNVD-2022-38533)

The D-Link DIR-878 is a wireless router from D-Link, a Taiwan-based company. The D-Link DIR-878 is vulnerable to a command injection vulnerability that could be exploited by an unauthenticated LAN attacker to execute arbitrary system commands to control the system or interrupt services...

8.8CVSS4.6AI score0.01527EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.14 views

CVE-2022-25595

ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt...

6.5CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.13 views

CVE-2022-23970

ASUS RT-AX56U’s updatejson function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in service disruption...

8.1CVSS0.00472EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.11 views

CVE-2022-23971

ASUS RT-AX56U’s updatePLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service...

8.1CVSS0.00472EPSS
Exploits0References1
NVD
NVD
added 2022/04/07 7:15 p.m.15 views

CVE-2022-25597

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service...

8.8CVSS0.00842EPSS
Exploits0References1
Prion
Prion
added 2022/04/07 7:15 p.m.19 views

Command injection

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request, which allows an unauthenticated LAN attacker to perform command injection attack, execute arbitrary commands and disrupt or terminate service...

5.8CVSS9.2AI score0.00842EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/07 7:15 p.m.11 views

Path traversal

ASUS RT-AX56U’s updatePLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service...

4.8CVSS8AI score0.00472EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/04/07 7:15 p.m.17 views

Path traversal

ASUS RT-AX56U’s updatejson function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another file with the same file name, which results in service disruption...

4.8CVSS8AI score0.00472EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/07 6:22 p.m.26 views

CVE-2022-26670 D-Link DIR-878 - Command Injection

D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. An unauthenticated LAN attacker can perform command injection attack to execute arbitrary system commands to control the system or disrupt service...

8.8CVSS9.5AI score0.01527EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/07 6:22 p.m.13 views

CVE-2022-25596 ASUS RT-AC86U - Heap-based buffer overflow

ASUS RT-AC56U’s configuration function has a heap-based buffer overflow vulnerability due to insufficient validation for the decryption parameter length, which allows an unauthenticated LAN attacker to execute arbitrary code, perform arbitrary operations and disrupt service...

8.8CVSS9.3AI score0.00554EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/07 6:22 p.m.14 views

CVE-2022-23971 ASUS RT-AX56U - Path Traversal

ASUS RT-AX56U’s updatePLC/PORT file has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated LAN attacker can overwrite a system file by uploading another PLC/PORT file with the same file name, which results in service...

8.1CVSS8.2AI score0.00472EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/17 12:0 a.m.15 views

ASUS RT-AX56U Path Traversal Vulnerability

ASUS RT-AX56U is a wireless router from ASUS Taiwan, China.A path traversal vulnerability exists in ASUS RT-AX56U, which stems from the insufficient filtering of special characters in URL parameters by the login function of ASUS RT-AX56U, which could be exploited by an unauthenticated LAN attacke...

6.5CVSS4.5AI score0.00452EPSS
Exploits0References1
Rows per page
Query Builder