CVE-2025-67038

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when user's authantication fails. The username is directly concatenated with the command without any sanitization. This allow attackers to inject arbitrary OS commands into the...

EUVD-2026-6082

A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...

CVE-2026-2562 JingDong JD Cloud Box AX6600 jdcweb_rpc jdcapi cast_streen privileges management

A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...

PT-2024-39592

Name of the Vulnerable Software and Affected Versions ThingsBoard versions up to 3.7.0 Description A vulnerability has been found in the HTTP RPC API component of ThingsBoard, which can lead to resource consumption. The attack can be launched remotely, but the complexity of an attack is rather hi...

CVE-2022-46478

The RPC interface in datax-web v1.0.0 and v2.0.0 to v2.1.2 contains no permission checks by default which allows attackers to execute arbitrary commands via crafted Hessian serialized data...

PHPXMLRPC < 1.1 - Remote Code Execution

PHPXMLRPC Remote Code Execution Vendor: Useful Information Inc. Product: PHPXMLRPC Version: = 1.1 Website: http://phpxmlrpc.sourceforge.net/ BID: 14088 CVE: CVE-2005-1921 OSVDB: 17793 SECUNIA: 15852 PACKETSTORM: 38394 Description: PHPXMLRPC aka XML-RPC For PHP is a PHP implementation of the XML-R...