8 matches found
Vatilon-based IP Cameras Authentication Bypass / Credential Exposure
Vatilon-based IP camera firmware contains an authentication bypass and plaintext credential exposure vulnerability in the /cgi-bin/web.cgi API. The web interface processes requests containing username and password parameters in plaintext without validating authentication state or session context,...
D-Link Nuclias Connect Security Vulnerability
D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points (APs), supporting multi-device remote control and reporting capabilities. A directory traversal vulnerability exists in D-Link Nuclias Connect, which stems from improper cleanup ...
TP-Link TL-WR841N Security Vulnerability
The TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N V11 version. It originates from insufficient validation of input parameters in the /userRpm/WlanNetworkRpm.htm file, which could result in a buffer overflow and denial of...
CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
TOTOLINK N300RH Injection Vulnerability
TOTOLINK N300RH is a long-range wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N300RH suffers from a command injection vulnerability that stems from the FileName parameter in the file /cgi-bin/cstecgi.cgi failing to properly filter special characters used to construct commands,...
Movistar 4G router OS Command Injection Vulnerability
Movistar 4G router is a series of routers from Movistar Spain. The Movistar 4G router ESWLD71-T1v2.0.201820 firmware version has an operating system command injection vulnerability that originates from allowing authenticated users to execute commands within the router by sending a POST request to...
TOTOLINK N200RE command parameter buffer overflow vulnerability
The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the command parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...