Lucene search
K

19026 matches found

EUVD
EUVD
added 2026/04/13 6:30 p.m.6 views

EUVD-2026-21990

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800...

8.7CVSS5.8AI score0.00938EPSS
Exploits0References2
NVD
NVD
added 2026/04/13 4:16 p.m.3 views

CVE-2026-30809

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800...

8.8CVSS0.00938EPSS
Exploits0References1
CVE
CVE
added 2026/04/13 3:46 p.m.10 views

CVE-2026-30809

The vulnerability CVE-2026-30809 affects Pandora FMS with WebServerModuleDebug in versions 777–800, caused by improper neutralization of special elements in OS commands (OS Command Injection). The CVE List also notes that this can lead to remote code execution. Attack vector is network with no us...

8.8CVSS5.8AI score0.00938EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/04/13 3:17 p.m.7 views

CVE-2026-33858

Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0,...

8.8CVSS0.00592EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/13 12:31 p.m.1 views

EUVD-2026-21908

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...

8.5CVSS6.4AI score0.07533EPSS
Exploits1References3
OSV
OSV
added 2026/04/13 12:31 p.m.7 views

GHSA-7549-GGPQ-22W8 Duplicate Advisory: LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pr3g-phhr-h8fh. This link is maintained to preserve external references. Original Description LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing...

8.5CVSS6.4AI score0.07533EPSS
Exploits1References4
NVD
NVD
added 2026/04/13 11:16 a.m.8 views

CVE-2026-6204

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...

8.5CVSS0.07533EPSS
Exploits1References2
CVE
CVE
added 2026/04/13 10:56 a.m.28 views

CVE-2026-6204

LibreNMS is affected (versions before 26.3.0) by an authenticated remote code execution vulnerability via the Binary Locations config and Netcommand feature. Exploitation requires administrative privileges and could compromise the underlying web server. Affected component is the software’s web in...

8.5CVSS6.4AI score0.07533EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/13 10:56 a.m.31 views

CVE-2026-6204

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...

8.5CVSS0.07533EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/13 10:56 a.m.3 views

CVE-2026-6204

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...

8.5CVSS6.4AI score0.07533EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32331

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...

8.5CVSS6.4AI score0.07533EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/12 9:31 a.m.7 views

EUVD-2026-21722

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS6.3AI score0.00541EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/12 9:0 a.m.0 views

CVE-2026-6124 Tenda F451 httpd SafeMacFilter fromSafeMacFilter stack-based overflow

A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...

9CVSS7.9AI score0.00673EPSS
Exploits0References5
NVD
NVD
added 2026/04/12 8:16 a.m.3 views

CVE-2026-6122

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS0.00541EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/12 8:15 a.m.1 views

CVE-2026-6123 Tenda F451 httpd addressNat fromAddressNat stack-based overflow

A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has...

9CVSS6.2AI score0.00518EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/12 7:30 a.m.1 views

CVE-2026-6122

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS7.9AI score0.00541EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/12 7:30 a.m.11 views

CVE-2026-6122

CVE-2026-6122 affects Tenda F451 1.0.0.7. The issue occurs in the httpd component, specifically the function frmL7ProtForm in /goform/L7Prot, where manipulation of the argument page leads to a stack-based buffer overflow. The vulnerability is remotely exploitable over the network, and public disc...

9CVSS7.9AI score0.00541EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.5 views

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the page parameter in the fmtL7ProtForm function within the httpd component, which may lead to a...

9CVSS7.7AI score0.00541EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.8 views

PT-2026-32153

A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public a...

9CVSS8AI score0.00673EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.6 views

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the parameter entrys in the fromAddressNat function within the httpd component, potentially leadin...

9CVSS7.7AI score0.00518EPSS
Exploits0References6
Rows per page
Query Builder