13 matches found
CVE-2025-57685
The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...
CVE-2025-57685
The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...
CVE-2025-57685
The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...
LB-Link多款产品 安全漏洞
LB-Link BL-AC2100AZ3 and others are a wireless router from China Bilink LB-Link. A security vulnerability exists in various LB-Link products, which originates from an unauthorized command injection in the /goform/setserialcfg interface, which may result in the remote execution of malicious...
CVE-2025-57685
The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...
CVE-2023-34849
An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...
CVE-2023-34849
An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...
CVE-2023-34849
An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...
CVE-2023-34849
CVE-2023-34849 : Ikuai router OS up to version 3.7.1 contains an unauthorized command injection in the ActionLogin function of webman.lua, enabling arbitrary command execution with network access and no user interaction. Exploitation details are not provided in the connected docs; CVSSv3.1 is lis...
Cisco HyperFlex HX 未授权命令注入漏洞(CVE-2021-1497 CVE-2021-1498)
CVE-2021-1497 and/or CVE-2021-1498 Command injection in the /storfs-asup endpoint’s token and mode parameters. Patch --- unpatched/web.xml 2021-05-17 19:06:17.000000000 -0500 +++ patched/web.xml 2021-05-17 19:06:23.000000000 -0500 @@ -69,17 +69,6 @@ - Springpath Storfs ASUP -...
CVE-2020-8539
Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities. In addition, this executable may be used by an attacker t...
CVE-2020-8539
CVE-2020-8539 affects Kia Motors head units (SOP.003.30.18.0703, SOP.005.7.181019, SOP.007.1.191209). The vulnerability arises from an arbitrary command execution via the micomd daemon, enabling an attacker with local access to inject commands and generate CAN frames on the M-CAN multimedia bus. ...
Command Execution Vulnerability in Marlboze/Marlboze-w30 Series Cameras at Shenzhen Anjubao Electronics Co.
Marbleizer camera software enables all kinds of hardware alarm effects, so that you can enjoy a real-time home monitoring experience, so that you can easily understand all the situations in the family. Shenzhen Anjubao Electronics Co., Ltd Marlboze/Marlboze-w30 series cameras have a command...