Lucene search
K

2565 matches found

RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.13 views

CVE-2026-9404

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...

10CVSS7.1AI score0.01732EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 6:59 p.m.14 views

EUVD-2026-33420

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.19 views

PT-2026-44972

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108PE v5 affected versions not specified Description A stored cross-site scripting XSS issue exists in the web management interface. This occurs because the SYSNAM configuration parameter is not properly sanitized during the...

5.3CVSS5.7AI score0.00239EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.13 views

CVE-2026-9434

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...

10CVSS7AI score0.01732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 8:13 p.m.15 views

CVE-2026-9458

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS7.1AI score0.02094EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:32 p.m.13 views

CVE-2026-24444

SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...

9.8CVSS5.8AI score0.00535EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.16 views

CVE-2026-9628

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/username/password/tunnel name causes stack-based buffer...

9CVSS7.8AI score0.00472EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.16 views

CVE-2026-9454

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.01909EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/28 2:15 p.m.14 views

CVE-2026-9436

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...

10CVSS7AI score0.02005EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.15 views

SDMC NE6037 信任管理问题漏洞

SDMC NE6037 is a wired modem produced by SDMC Corporation in China. The SDMC NE6037 cable modem routers come in versions 7.1.6.0.25 and 7.1.6.1.9B9. There are vulnerabilities related to trust management in these versions. The vulnerability stems from hard-coded passwords present in the Web...

9.8CVSS5.8AI score0.00535EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.17 views

CVE-2026-9478

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performe...

10CVSS7AI score0.01909EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.14 views

CVE-2026-9406

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...

10CVSS7AI score0.01732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.14 views

CVE-2026-9385

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument command causes os command injection. The attack is possible to be...

10CVSS7AI score0.01732EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.18 views

CVE-2026-5509

An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can leverage the...

8.5CVSS0.02458EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 5:26 p.m.51 views

CVE-2026-5509 Arbitrary Command Injection via Browser Developer Console in TP-Link Archer BE450 and BE7200

An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can leverage the...

8.5CVSS0.02458EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:16 a.m.24 views

CVE-2026-9627

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched...

9CVSS0.00497EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:16 a.m.24 views

CVE-2026-9631

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer...

9CVSS0.00438EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 1:30 a.m.33 views

CVE-2026-9632 UTT HiPER 1250GW Web Management formGroupConfig strcpy stack-based overflow

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possibl...

9CVSS0.00463EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/27 1:30 a.m.13 views

CVE-2026-9632 UTT HiPER 1250GW Web Management formGroupConfig strcpy stack-based overflow

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possibl...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/27 1:30 a.m.16 views

CVE-2026-9632

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possibl...

9CVSS6.2AI score0.00463EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder