Lucene search
K

127 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-15486

A vulnerability has been found in TRENDnet TEW-821DAP 1.11B03. This affects the function sub42026C of the file /goform/toolsddns of the component Firmware Update Handler. Such manipulation of the argument hostname/username/password leads to os command injection. The attack can be launched remotel...

6.5CVSS0.0105EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43209

A vulnerability was found in TRENDnet TEW-821DAP 1.11B03. This impacts the function sub41FBD0 of the file /goform/systemntp of the component Firmware Update Handler. Performing a manipulation of the argument Hostname results in os command injection. The attack may be initiated remotely. The vendo...

6.5CVSS6.5AI score0.0105EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-15487 TRENDnet TEW-821DAP Firmware Update system_ntp sub_41FBD0 os command injection

A vulnerability was found in TRENDnet TEW-821DAP 1.11B03. This impacts the function sub41FBD0 of the file /goform/systemntp of the component Firmware Update Handler. Performing a manipulation of the argument Hostname results in os command injection. The attack may be initiated remotely. The vendo...

6.5CVSS0.0105EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-15486 TRENDnet TEW-821DAP Firmware Update tools_ddns sub_42026C os command injection

A vulnerability has been found in TRENDnet TEW-821DAP 1.11B03. This affects the function sub42026C of the file /goform/toolsddns of the component Firmware Update Handler. Such manipulation of the argument hostname/username/password leads to os command injection. The attack can be launched remotel...

6.5CVSS0.0105EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-57532

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP version 1.11B03 Description An OS command injection flaw exists in the Firmware Update Handler component. A remote attacker can trigger this issue by manipulating the Hostname argument within the sub 41FBD0 function of the...

6.5CVSS6.7AI score0.0105EPSS
Exploits0References8
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-13756 WP Grid Builder <= 2.3.3 - Authenticated (Subscriber+) Privilege Escalation via 'key' Parameter

The WP Grid Builder plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.3.3. This is due to missing authorization and meta key validation in the update handler for the /wp-json/wpgb/v2/metadata REST endpoint. This makes it possible for authenticated...

8.8CVSS0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/24 8:30 p.m.13 views

CVE-2026-9397 Besen BS20 EV Charging Station OTA Update Installation improper authorization

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

9.2CVSS6.5AI score0.00454EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/24 8:30 p.m.18 views

EUVD-2026-31551

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

9.2CVSS6.5AI score0.00454EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.13 views

CVE-2026-8210

A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update Handler. The manipulation leads to command injection. Local access is required to approach this...

5.3CVSS5.6AI score0.00851EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 7:48 a.m.11 views

CVE-2026-6932

The Woo Commerce Minimum Weight plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 3.0.1. This is due to missing nonce verification on the settings update handler in edit-weight.php. This makes it possible for unauthenticated attackers to modify t...

4.3CVSS5.7AI score0.00132EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

WordPress plugin Woo Commerce Minimum Weight 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

4.3CVSS5.8AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/09 9:32 p.m.22 views

EUVD-2026-28941

A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update Handler. The manipulation leads to command injection. Local access is required to approach this...

5.3CVSS5.3AI score0.00851EPSS
Exploits0References5
NVD
NVD
added 2026/05/09 9:16 p.m.33 views

CVE-2026-8210

A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update Handler. The manipulation leads to command injection. Local access is required to approach this...

5.3CVSS0.00851EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/09 9:0 p.m.43 views

CVE-2026-8210 aandrew-me tgpt Update helper.go helper.Update command injection

A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update Handler. The manipulation leads to command injection. Local access is required to approach this...

5.3CVSS0.00851EPSS
Exploits0References4
CVE
CVE
added 2026/05/09 9:0 p.m.22 views

CVE-2026-8210

CVE-2026-8210 affects aandrew-me tgpt up to version 2.11.1 on Linux/macOS. The vulnerability resides in the Update Handler’s helper.Update function (helper.go), enabling local command injection due to the underlying flaw. Exploitation is disclosed publicly and may be used; no exploit status is pr...

5.3CVSS5.6AI score0.00851EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.19 views

PT-2026-39416

Name of the Vulnerable Software and Affected Versions andrew-me tgpt versions prior to 2.11.2 Description Command injection is possible in the Update Handler component via the Update function within the helper.go file. This issue requires local access to be exploited. Recommendations Update to a...

5.3CVSS6AI score0.00851EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.13 views

tgpt 注入漏洞

tgpt is a cross-platform command line AI tool by Andrew Personal Developer. An injection vulnerability exists in tgpt 2.11.1 and earlier versions on Linux/macOS, which stems from the function helper.Update in the file helper.go in the component Update Handler, and could lead to command injection...

5.3CVSS6AI score0.00851EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.13 views

CVE-2026-7611

A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...

8.1CVSS5AI score0.00234EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.10 views

CVE-2026-7606

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function findhwid/newguiupdatefirmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be launch...

8.1CVSS5.4AI score0.00234EPSS
Exploits1References1
NVD
NVD
added 2026/05/02 10:16 a.m.9 views

CVE-2026-7611

A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...

8.1CVSS0.00234EPSS
Exploits1References4
Rows per page
Query Builder