Lucene search
K

34 matches found

CNVD
CNVD
added 2025/01/17 12:0 a.m.1 views

WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08334)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the touchlistsync.cgi touchlistsync function failing to correctly filter constructed command special characters, commands, etc. An attacker could u...

10CVSS7.7AI score0.1579EPSS
Exploits1References1
CNVD
CNVD
added 2025/01/17 12:0 a.m.5 views

WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-09263)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that arises from the wireless.cgi AddMac function failing to properly filter special characters, commands, etc. used to construct commands. An attacker can exploit this...

9.1CVSS7.7AI score0.08494EPSS
Exploits1References1
CVE
CVE
added 2025/01/14 2:21 p.m.57 views

CVE-2024-34544

CVE-2024-34544 affects the Wavlink AC3000 family (M33A8.V5030.210505). The vulnerability resides in wireless.cgi AddMac() where an unfiltered POST parameter (addMac) is copied to the heap and later used in an sprintf, then passed to system(), enabling arbitrary command execution after an authenti...

9.1CVSS7.5AI score0.08494EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2024/07/26 12:0 a.m.1 views

TOTOLINK A6000R apcli_do_enr_pbc_wps function command injection vulnerability

TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apclidoenrpbcwps function failing to correctly filter constructed command special characters, commands, and s...

8CVSS7AI score0.02293EPSS
Exploits1References1
CNVD
CNVD
added 2023/12/19 12:0 a.m.17 views

NETGEAR WNR2000 Command Execution Vulnerability

The NETGEAR WNR2000 is a wireless router from NETGEAR. A command execution vulnerability exists in NETGEAR WNR2000 v4 version 1.0.0.70, which stems from an application failing to properly filter constructed command special characters, commands, and more. An attacker could exploit this vulnerabili...

9.8CVSS7.4AI score0.04007EPSS
Exploits1References1
CNVD
CNVD
added 2023/10/13 12:0 a.m.9 views

D-Link DAP-X1860 Code Execution Vulnerability

The D-Link DAP-X1860 is a wireless router from China-based AUO D-Link. The D-Link DAP-X1860 suffers from a code execution vulnerability that stems from an application's failure to properly filter special elements of constructed code segments. An attacker could exploit this vulnerability to execut...

8.8CVSS7.8AI score0.01457EPSS
Exploits1References1
OSV
OSV
added 2020/01/28 4:15 p.m.9 views

CVE-2014-2906

The psub function in fish aka fish-shell 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name...

7CVSS9.1AI score0.00314EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/03/21 7:55 p.m.27 views

CVE-2019-7537

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

9.9AI score0.03442EPSS
Exploits1References2
Veracode
Veracode
added 2017/05/22 1:29 a.m.18 views

Arbitrary Command Execution

windows-cpu is vulnerable to arbitrary command execution. This is because the findLoad method doesn't sanitize or perform any validation before passing user-input to the shell...

9.8CVSS9.4AI score0.04236EPSS
Exploits1References3Affected Software1
OpenVAS
OpenVAS
added 2016/12/22 12:0 a.m.13 views

CentOS Update for vim-common CESA-2016:2972 centos7

Check the version of vim-common SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882616";...

7.8CVSS6.2AI score0.25314EPSS
Exploits2References2
OSV
OSV
added 2015/12/05 10:3 a.m.7 views

MGASA-2015-0465 Updated cups-filters packages fix security vulnerability

Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands CVE-2015-8327...

7.5CVSS7.2AI score0.10171EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2005/08/14 12:0 a.m.34 views

gforgeexec.txt

-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Author : Filippo Spi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/05/05 12:0 a.m.14 views

IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)

IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 2 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.43 views

IkonBoard v3.1.1: arbitrary command execution

============================================================================ Vulnerable: IkonBoard 3.1.1 and probably earlier Category: Perl/CGI coding errors Impact: Arbitrary command execution Date: 1st April 2003 Vendor: The Jarvis Group Homepage: http://www.ikonboard.com/ Vendor Status: First...

0.3AI score
Exploits0
Rows per page
Query Builder