14 matches found
EUVD-2026-25970
A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...
CVE-2026-1460
CVE-2026-1460 affects Zyxel DX3301-T0 and EX3301-T0 devices up to firmware 5.50(ABVY.7.1)C0. A post-authentication command-injection vulnerability exists in the DHCP configuration file’s DomainName parameter. An authenticated attacker with administrator privileges could execute OS commands on an ...
CVE-2025-13943
A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50ABVY.7C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device...
Zyxel VMG3625-T50B Operating System Command Injection Vulnerability
The Zyxel VMG3625-T50B is a WiFi device produced by the Zyxel company. Firmware versions 5.50ABPM.9.7C0 and earlier contain an operating system command injection vulnerability. This vulnerability stems from the CGI program used for downloading the TR-369 certificate, which allows for...
PT-2026-21645
Name of the Vulnerable Software and Affected Versions: Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.7C0 Description: A post-authentication command injection exists in the TR-369 certificate download CGI program. An authenticated attacker with administrator privileges could execute...
CVE-2025-6599
An uncontrolled resource consumption vulnerability in the web server of Zyxel DX3301-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an attacker to perform Slowloris‑style denial‑of‑service (DoS) attacks. Such attacks may temporarily block legitimate HTTP requests and partially disrupt...
Zyxel DX3300-T0 Operating System Command Injection Vulnerability
The Zyxel DX3300-T0 is a small wireless WiFi router from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel DX3300-T0 5.50 ABVY.6.3 C0 and earlier versions, which stems from the presence of post-authentication command injection in the priv parameter, which...
PT-2024-7284 · Zyxel · Zyxel Vmg8825-T50K
Name of the Vulnerable Software and Affected Versions: Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which could allow an authenticated attacker with administrator privileg...
PT-2024-12665 · Unknown · Vmg3625-T50B
Name of the Vulnerable Software and Affected Versions: VMG3625-T50B firmware version V5.50ABPM.8C0 Description: The issue is related to a buffer overflow vulnerability in the CGI program, which could allow an authenticated remote attacker to cause denial of service (DoS) conditions by sending a...
[SECURITY] [DLA 3689-1] bluez security update
Debian LTS Advisory DLA-3689-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb December 14, 2023 https://wiki.debian.org/LTS -...
HP OmniInet.exe MSG_PROTOCOL Buffer Overflow
This module exploits a stack-based buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted MSG_PROTOCOL (0x010b) packet, a remote attacker may be able to execute arbitrary code with elevated privileges. This service is installed with HP OpenView Data Protector, HP...
CentOS Update for unzip CESA-2008:0196-01 centos2 i386
Check for the Version of unzip. OpenVAS Vulnerability Test: CentOS Update for unzip CESA-2008:0196-01 centos2 i386. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
DSA-1012-1 unzip - buffer overflow
Bulletin has no description...
[SA17602] VP-ASP Shopping Cart "UserName" Cross-Site Scripting Vulnerability
TITLE: VP-ASP Shopping Cart "UserName" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA17602 VERIFY ADVISORY: http://secunia.com/advisories/17602/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: VP-ASP Shopping Cart 5.x http://secunia.com/product/1832/...