CVE-2025-65294

The vulnerability CVE-2025-65294 affects Aqara Hub devices: Camera Hub G3 (version 4.1.9_0027), Hub M2 (4.3.6_0027), and Hub M3 (4.3.6_0025). Connected documents describe an undocumented remote access mechanism that enables unrestricted remote command execution, i.e., attacker-controlled commands...

CVE-2018-11240

An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in production builds as o...

Debian DSA-3388-1 : ntp - security update

Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs : - CVE-2015-5146 A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if : - ntpd enabled remote...

GLSA-200412-01 : rssh, scponly: Unrestricted command execution

The remote host is affected by the vulnerability described in GLSA-200412-01 rssh, scponly: Unrestricted command execution Jason Wies discovered that when receiving an authorized command from an authorized user, rssh and scponly do not filter command-line options that can be used to execute any...

rssh, scponly: Unrestricted command execution

Background rssh and scponly are two restricted shells, allowing only a few predefined commands. They are often used as a complement to OpenSSH to provide access to remote users without providing any remote execution privileges. Description Jason Wies discovered that when receiving an authorized...