CVE-2026-7611 TRENDnet TEW-821DAP Firmware Update cameo_dev.sh platform_do_upgrade_cameo_dev data authenticity

A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...

CVE-2026-29522

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

EUVD-2026-12520

ZwickRoell Test Data Management versions prior to 3.0.8 contain a local file inclusion LFI vulnerability in the /server/nodeupgradesrv.js endpoint. An unauthenticated attacker can supply directory traversal sequences via the firmware parameter to access arbitrary files on the server, leading to...

D-Link DWR-M920 命令注入漏洞

The D-Link DWR-M920 is a router from China AUO D-Link. A command injection vulnerability exists in the D-Link DWR-M920 version 1.1.50 and earlier, which stems from incorrect manipulation of the parameter fotaurl in the file /boafrm/formLtefotaUpgradeQuectel, which could lead to a command injectio...

EUVD-2025-199679

Unauthenticated OS Command Injection startupgrade.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec allows remote code execution via...

CVE-2025-66254

Unauthenticated Arbitrary File Deletion upgradecontents.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform The deleteupgrade parameter allows unauthenticated deletion of arbitrary...

CVE-2025-66253 Unauthenticated OS Command Injection (start_upgrade.php)

Unauthenticated OS Command Injection startupgrade.php in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform User input passed directly to exec allows remote code execution via...

DB Electronica Mozart FM Transmitter 安全漏洞

The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 that originates fr...

CVE-2025-11666

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

EUVD-2025-34055

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

CVE-2025-11666 Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

CVE-2025-11666 Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

PT-2025-41760

Name of the Vulnerable Software and Affected Versions Tenda RP3 Pro versions through 22.5.7.93 Description A security issue exists in Tenda RP3 Pro up to version 22.5.7.93, specifically within the Firmware Update Handler component. Manipulation of the current force upgrade pwd argument in the for...

D-Link多款产品 操作系统命令注入漏洞

D-Link DI-8100G and others are products of China AUO D-Link.D-Link DI-8100G is a Gigabit Internet Behavior Management certified router.D-Link DI-8200G is an enterprise-class router.D-Link DI-8300G is a wireless broadband router designed for small and medium-sized network environments.The...

LPAR2RRD Remote Code Execution

This repository contains a proof of concept exploit for CVE-2025-54769, a vulnerability found in lpar2rrd. The vulnerability allows remote code execution and directory traversal by abusing the /lpar2rrd-cgi/upgrade.sh endpoint...

PT-2025-23535 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.39 Description: The issue affects MyBB, free and open source forum software. It is caused by the upgrade component not validating user input properly, allowing attackers to perform local file inclusion LFI via a...

CVE-2024-7579

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os...

Arbitrary Code Execution

mautic/core is vulnerable to Arbitrary Code Execution. The vulnerability is due to insufficient validation and access control during the execution of the upgrade script, allowing an attacker to execute arbitrary code during the upgrade process...

Missing Authentication For Critical Function

Mautic is vulnerable to Missing Authentication for Critical Function. The vulnerability is due to insufficient protection of the upgrade script, which could lead to exploitation if Mautic is installed in a specific, vulnerable configuration...

CVE-2022-25770

Mautic allows you to update the application via an upgrade script. The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation. This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable...