34 matches found
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08334)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the touchlistsync.cgi touchlistsync function failing to correctly filter constructed command special characters, commands, etc. An attacker could u...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-09263)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that arises from the wireless.cgi AddMac function failing to properly filter special characters, commands, etc. used to construct commands. An attacker can exploit this...
CVE-2024-34544
CVE-2024-34544 affects the Wavlink AC3000 family (M33A8.V5030.210505). The vulnerability resides in wireless.cgi AddMac() where an unfiltered POST parameter (addMac) is copied to the heap and later used in an sprintf, then passed to system(), enabling arbitrary command execution after an authenti...
TOTOLINK A6000R apcli_do_enr_pbc_wps function command injection vulnerability
TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apclidoenrpbcwps function failing to correctly filter constructed command special characters, commands, and s...
NETGEAR WNR2000 Command Execution Vulnerability
The NETGEAR WNR2000 is a wireless router from NETGEAR. A command execution vulnerability exists in NETGEAR WNR2000 v4 version 1.0.0.70, which stems from an application failing to properly filter constructed command special characters, commands, and more. An attacker could exploit this vulnerabili...
D-Link DAP-X1860 Code Execution Vulnerability
The D-Link DAP-X1860 is a wireless router from China-based AUO D-Link. The D-Link DAP-X1860 suffers from a code execution vulnerability that stems from an application's failure to properly filter special elements of constructed code segments. An attacker could exploit this vulnerability to execut...
CVE-2014-2906
The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...
CVE-2019-7537
An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...
Arbitrary Command Execution
windows-cpu is vulnerable to arbitrary command execution. This is because the findLoad method doesn't sanitize or perform any validation before passing user-input to the shell...
CentOS Update for vim-common CESA-2016:2972 centos7
Check the version of vim-common SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882616";...
MGASA-2015-0465 Updated cups-filters packages fix security vulnerability
Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands CVE-2015-8327...
gforgeexec.txt
-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Author : Filippo Spi...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 2 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...
IkonBoard v3.1.1: arbitrary command execution
============================================================================ Vulnerable: IkonBoard 3.1.1 and probably earlier Category: Perl/CGI coding errors Impact: Arbitrary command execution Date: 1st April 2003 Vendor: The Jarvis Group Homepage: http://www.ikonboard.com/ Vendor Status: First...