CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

432 matches found

Razer Sila Gaming Router - Remote Code Execution

A command injection in the command parameter of Razer Sila Gaming Router v2.0.441api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request. id: CVE-2022-29013 info: name: Razer Sila Gaming Router - Remote Code Execution author: DhiyaneshDK severity: critical descriptio...

9.8CVSS7.6AI score0.92574EPSS

Exploits1References2

Positive Technologies•added 2026/05/07 12:0 a.m.•4 views

PT-2026-38439

Name of the Vulnerable Software and Affected Versions next-npm-version version 1.0.1 Description NPM package next-npm-version is subject to command injection, a flaw that allows an attacker to execute arbitrary operating system commands on the server. Recommendations At the moment, there is no...

9.8CVSS6.1AI score0.00106EPSS

Exploits0References6

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-43128

D-LINK DIR-806 1200M11AC wireless router DIR806A1FW100CNb11 is vulnerable to command injection due to lax filtering of HTTPST parameters...

9.8CVSS7.4AI score0.0142EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:37 p.m.•4 views

CVE-2023-49403

Tenda W30E V16.01.0.124843 was discovered to contain a command injection vulnerability via the function setFixTools...

9.8CVSS8AI score0.01591EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:34 p.m.•8 views

CVE-2023-45239

A lack of input validation exists in tacplus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tacplus to inject shell commands and gain remote code execution on the tacplus server...

9.8CVSS7.9AI score0.28689EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:43 a.m.•6 views

CVE-2022-26214

Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function NTPSyncWithHost. This...

9.8CVSS8.7AI score0.2647EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:40 a.m.•3 views

CVE-2022-35521

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameters: remoteManagementEnabled, blockPortScanEnabled, pingFrmWANFilterEnabled and blockSynFloodEnabled, which leads to command injection in page /mansecurity.shtml...

9.8CVSS7.5AI score0.05029EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:6 a.m.•3 views

CVE-2024-34352

1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol...

7.5CVSS6.9AI score0.0219EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:41 a.m.•8 views

CVE-2022-0848

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11...

10CVSS7AI score0.40258EPSS

Exploits5References1

RedhatCVE•added 2026/01/09 8:33 a.m.•5 views

CVE-2024-39351

A vulnerability regarding improper neutralization of special elements used in an OS command 'OS Command Injection' is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models wi...

7.2CVSS7.8AI score0.00595EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:14 a.m.•5 views

CVE-2024-2982

A vulnerability has been found in Tenda FH1202 1.2.0.14408 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. The exploit has been disclosed to the public and...

8.8CVSS7.4AI score0.05141EPSS

Exploits1References1