Lucene search
K

31 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.10 views

CVE-2026-8264

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

8.8CVSS6.3AI score0.02891EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/11 6:31 a.m.12 views

EUVD-2026-29020

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

8.8CVSS6.4AI score0.02891EPSS
Exploits1References6
NVD
NVD
added 2026/05/11 4:16 a.m.18 views

CVE-2026-8264

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

8.8CVSS0.02891EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/11 2:15 a.m.53 views

CVE-2026-8264 Tenda AC6 httpd WifiApScan formWifiApScan os command injection

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

6.5CVSS0.02891EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/11 2:15 a.m.12 views

CVE-2026-8264

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

6.5CVSS5.6AI score0.02891EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/05/11 2:15 a.m.32 views

CVE-2026-8264

CVE-2026-8264 affects Tenda AC6 15.03.06.23. The vulnerability is in httpd, specifically the formWifiApScan function in /goform/WifiApScan. An attacker can manipulate the arguments wl2g.public.country/wl5g.public.country to trigger an OS command injection, with remote feasibility. The description...

8.8CVSS6.4AI score0.02891EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.8 views

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.23 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function formWifiApScan in the httpd component’s file/goform/WifiApScan, which processes parameters...

8.8CVSS6.6AI score0.02891EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-52581

Malicious code in bioql PyPI...

3.3CVSS4.4AI score0.00091EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-31180

Malicious code in bioql PyPI...

8.2CVSS6.3AI score0.01096EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-52579

Malicious code in bioql PyPI...

3.3CVSS4.4AI score0.00091EPSS
Exploits0References1
NVD
NVD
added 2025/09/26 1:15 a.m.8 views

CVE-2025-60017

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the hostapdrestart.sh wifissid or wifipass parameter within restartwifiap and restartwifista...

8.2CVSS0.01096EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/14 12:10 a.m.13 views

CVE-2025-45585

Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...

5.4CVSS5.9AI score0.0019EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.9 views

PT-2025-37349

Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder version 2.0 Description: The software contains multiple stored cross-site scripting XSS vulnerabilities. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the wifi...

5.4CVSS5.5AI score0.0019EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.7 views

CVE-2022-30750

Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected...

3.3CVSS6.8AI score0.00091EPSS
Exploits0References1
CVE
CVE
added 2024/04/17 10:27 a.m.122 views

CVE-2024-26896

CVE-2024-26896 refers to a memory-leak issue in the Linux kernel wifi driver (wfx) when starting an AP. The root cause, as described in the sources, is that memory allocated by ieee80211_beacon_get() is never released, leading to kmemleak-reported unreferenced objects and potential memory exhaust...

5.5CVSS6.3AI score0.00225EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/01/23 11:15 p.m.19 views

CVE-2023-35837

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication for web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default password, equal to the registration ID of the device. This same registration ID is used as...

9.8CVSS9.7AI score0.00976EPSS
Exploits0References4
CVE
CVE
added 2024/01/23 12:0 a.m.61 views

CVE-2023-35837

CVE-2023-35837 affects SolaX Pocket WiFi versions up to 3.001.02. An unauthenticated WiFi AP provides web-interface access, and the admin password defaults to the device's registration ID (also used as the WiFi SSID). There is no enforced change-on-first-use or user alert for the default password...

9.8CVSS9.5AI score0.00976EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/01/02 12:0 a.m.5 views

MacGeiger 注入漏洞

MacGeiger is a WIFI AP locator utility by rofl0r individual developers. MacGeiger suffers from an injection vulnerability that originates in the function dumpwlanat in the file macgeiger. c that can lead to injection...

7.8CVSS5.6AI score0.00496EPSS
Exploits0References4
OSV
OSV
added 2022/10/25 5:15 p.m.5 views

CVE-2022-33195

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

10CVSS6AI score0.03244EPSS
Exploits1References1
OSV
OSV
added 2022/10/25 5:15 p.m.4 views

CVE-2022-33194

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

10CVSS6AI score0.03073EPSS
Exploits1References1
Rows per page
Query Builder