Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2026/06/13 9:16 p.m.9 views

CVE-2026-12174

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS0.00582EPSS
Exploits0References6
BDU FSTEC
BDU FSTECadded 2025/02/04 12:0 a.m.5 views

The vulnerability of the setVpnAccountCfg() function (located in web/cgi-bin/cstecgi.cgi) in the TOTOLINK X5000R router’s microprogramming software allows a malicious actor to execute arbitrary commands.

The vulnerability of the setVpnAccountCfg function located at web/cgi-bin/cstecgi.cgi in the TOTOLINK X5000R router’s microprogramming software is related to the failure to eliminate special elements used in the operating system’s command processing when handling the pass parameter. Exploiting th...

10CVSS8.3AI score0.01573EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/01/09 12:0 a.m.4 views

PT-2025-3384 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version V9.1.0cu.2350 B20230313 Description: The issue is related to the setVpnAccountCfg function, specifically the /web/cgi-bin/cstecgi.cgi endpoint, where the desc parameter is not properly sanitized, allowing an attacker t...

10CVSS9.6AI score0.01573EPSS
Exploits1References7
Rows per page
Query Builder