23 matches found
EUVD-2025-18358
Malicious code in bioql PyPI...
EUVD-2025-18357
Malicious code in bioql PyPI...
CVE-2025-6103
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/testaccesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack m...
CVE-2025-6102
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506. Affected by this vulnerability is an unknown functionality of the file /authentication/logout.php. The manipulation of the argument macaddress leads to os command injection. The attack can be launched...
CVE-2025-6104
A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pmscheck.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2025-6104 Wifi-soft UniBox Controller pms_check.php os command injection
A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pmscheck.php. The manipulation of the argument ipaddress leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2025-6104
CVE-2025-6104 affects Wifi-soft UniBox Controller up to 20250506. The vulnerability is an OS command injection in the /billing/pms_check.php handling of the ipaddress argument. It can be triggered remotely, with exploit details publicly disclosed. Remediation guidance in PT-2025-25515 suggests re...
CVE-2025-6103
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/testaccesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack m...
CVE-2025-6102
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506. Affected by this vulnerability is an unknown functionality of the file /authentication/logout.php. The manipulation of the argument macaddress leads to os command injection. The attack can be launched...
CVE-2025-6103 Wifi-soft UniBox Controller test_accesscodelogin.php os command injection
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/testaccesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack m...
CVE-2025-6103 Wifi-soft UniBox Controller test_accesscodelogin.php os command injection
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/testaccesscodelogin.php. The manipulation of the argument Password leads to os command injection. The attack m...
CVE-2025-6102 Wifi-soft UniBox Controller logout.php os command injection
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506. Affected by this vulnerability is an unknown functionality of the file /authentication/logout.php. The manipulation of the argument macaddress leads to os command injection. The attack can be launched...
Wifisoft UniBox Controller 命令注入漏洞
Wifisoft UniBox Controller is a small smart access controller from Wifisoft Corporation, USA. A command injection vulnerability exists in Wifisoft UniBox Controller 20250506 and prior versions, which stems from an os command injection issue that could lead to the execution of arbitrary commands...
PT-2025-25515 · Wifi Soft · Wifi-Soft Unibox Controller
Name of the Vulnerable Software and Affected Versions: Wifi-soft UniBox Controller versions up to 20250506 Description: A critical issue was found in Wifi-soft UniBox Controller, affecting an unknown part of the file /billing/pms check.php. The manipulation of the ipaddress argument leads to os...
PT-2025-25513 · Wifi Soft · Wifi-Soft Unibox Controller
Name of the Vulnerable Software and Affected Versions: Wifi-soft UniBox Controller versions up to 20250506 Description: A critical vulnerability was found in the Wifi-soft UniBox Controller, affecting an unknown functionality of the file /authentication/logout.php. The manipulation of the mac...
Wifisoft UniBox Controller 安全漏洞
Wifisoft UniBox Controller is a small smart access controller from Wifisoft Corporation, USA. A security vulnerability exists in Wifisoft UniBox Controller 20250506 and prior versions, which stems from an os command injection issue that could lead to the execution of arbitrary commands...
CVE-2019-3495
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be...
CVE-2019-3496
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostictoolscontroller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authenticati...
Hardcoded credentials
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be...
Hardcoded credentials
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostictoolscontroller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user privileges. Authenticati...