CVE-2025-60684

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary sub42F32C function. The web interface reads the "lang" parameter and constructs Help URL strings using sprintf into fixed-siz...

CVE-2025-60702

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the system.so binary. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar and concatenates it directly into a ping system command executed via...

CVE-2025-60702

TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL is affected by a command-injection in the system.so binary. The setDiagnosisCfg function reads the ipDoamin parameter from user input via websGetVar and directly concatenates it into a ping command executed by CsteSystem(), without sanitiza...

CVE-2025-60701

The CVE-2025-60701 issue affects the D-Link DIR-882 router, specifically firmware DIR882A1_FW102B02. The vulnerability stems from the prog.cgi function sub_433188 and the rc binary’s sub_448FDC, where user-supplied EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, and AccountName are stored ...

PT-2025-46884

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware versions prior to DIR882A1 FW102B02 Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 433188 function within the prog.cgi binary stores user-provided email configuration...

PT-2025-46854

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description A flaw exists in the web-based management interface of Cisco Catalyst Center that could permit a remote attacker, without needing to authenticate, to carry out a cross-site...

CVE-2025-60697

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub4438A4 function in prog.cgi stores user-supplied DDNS parameters ServerAddress and Hostname in NVRAM via nvramsafeset. These values are later retrieved in th...

Cisco Catalyst Center Virtual Appliance 输入验证错误漏洞

Cisco Catalyst Center Virtual Appliance is a network controller and automated management platform from the American company Cisco Cisco. An input validation error vulnerability exists in the Cisco Catalyst Center Virtual Appliance that stems from improper validation of HTTP request parameters in...

PT-2025-46845

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619 B20230130 and NR1800X V9.1.0u.6681 B20230703 Router firmware within the cstecgi.cgi binary sub 42F32C function. The web interface reads the "lang" parameter and constructs Help URL strings using sprintf into...

PT-2025-46855

A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit...

Siemens RUGGEDCOM ROX II Unrestricted Upload of File with Dangerous Type (CVE-2025-33023)

The affected devices do not properly enforce the restriction of files that can be uploaded from the web interface. This could allow an authenticated remote attacker with high privileges in the web interface to upload arbitrary files. This plugin only works with Tenable.ot. Please visit...

Generex UPS Adapter CS141 Authenticated Remote Code Execution (CVE-2022-42457)

Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches runupdate in /usr/bin/gxserve-update.sh e.g., command execution can occur via a reverse shell installed by install.sh. This plugin only works with Tenable.ot. Please visit...

Security Bulletin: IBM QRadar SIEM is affected by cross-site scripting (CVE-2025-36170, CVE-2025-36138)

Summary IBM QRadar SIEM is affected by cross-site scripting . IBM has addressed the issue in the latest update. Vulnerability Details CVEID:CVE-2025-36170 DESCRIPTION: IBM QRadar is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary...

CVE-2025-65002

Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters...

EUVD-2025-38253

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.6.224 and prior contain a code injection vulnerability in the Direct Connections feature that allows malicious external model servers to execute arbitrary JavaScript in victim browsers vi...

CVE-2025-36135

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.71, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.71, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary...

CVE-2025-36135 IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable to Cross-Site Scripting

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.71, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.71, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary...

CVE-2025-52602

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names or IDs. An attacker can use that information to target individuals with phishing or othe...

Lexmark Printers Improper Input Validation (CVE-2023-26069)

An input validation vulnerability has been identified in the web API in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503901; scriptversion"1.3";...

VulnCheck KEV: CVE-2024-54006

Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged...