Lucene search
K

59 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-28150

Malicious code in bioql PyPI...

6.8CVSS8.6AI score0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41454

Malicious code in bioql PyPI...

8CVSS8.4AI score0.00382EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-28151

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01013EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/24 12:0 a.m.9 views

JVN#39435597: Multiple vulnerabilities in ELECOM wireless LAN routers

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted upload of file with dangerous type CWE-434 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Base Score 4...

9.8CVSS7.9AI score0.02628EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 10:8 a.m.9 views

CVE-2024-21798

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web...

4.8CVSS6.3AI score0.01289EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:49 a.m.8 views

CVE-2023-37561

Open redirect vulnerability in ELECOM wireless LAN routers and ELECOM wireless LAN repeaters allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. Affected products and versions are as follows: WRH-300WH-H v2.12...

6.1CVSS7AI score0.00395EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:11 a.m.9 views

CVE-2023-39455

OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all...

8.8CVSS7.6AI score0.01265EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/26 8:28 a.m.7 views

CVE-2024-30219

Active debug code vulnerability exists in PLANEX COMMUNICATIONS wireless LAN routers. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed. Note that MZK-MF300N is no longer supported, therefore the update for...

6.8CVSS6.6AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/26 8:21 a.m.6 views

CVE-2024-30220

Command injection vulnerability in PLANEX COMMUNICATIONS wireless LAN routers allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port. Note that MZK-MF300N is no longer supported, therefore the update for this...

8.8CVSS9.1AI score0.01013EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/08/23 12:0 a.m.21 views

JVN#12824024: BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection

Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Impact If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS...

5.7CVSS5.8AI score0.00595EPSS
Exploits0
NVD
NVD
added 2024/08/01 2:15 a.m.25 views

CVE-2024-34021

Unrestricted upload of file with dangerous type vulnerability exists in ELECOM wireless LAN routers. A specially crafted file may be uploaded to the affected product by a logged-in user with an administrative privilege, resulting in an arbitrary OS command execution...

6.8CVSS0.00364EPSS
Exploits0References2
CVE
CVE
added 2024/08/01 1:18 a.m.56 views

CVE-2024-40883

CVE-2024-40883 is a Cross-site request forgery vulnerability in ELECOM wireless LAN routers. The issue occurs when an administrator views a malicious page while logged into affected devices, which may cause unintended actions such as changing login credentials. Connected documents identify affect...

8.8CVSS6.5AI score0.00198EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/08/01 1:18 a.m.27 views

CVE-2024-40883

Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be directed to perform unintended operations such as changing the login ID, login password, etc...

6.5CVSS0.00198EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/01 1:17 a.m.17 views

CVE-2024-39607

OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the affected product by a logged-in user with an administrative privilege to execute an arbitrary OS command...

6.8CVSS7AI score0.00846EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/07/30 12:0 a.m.33 views

JVN#06672778: Multiple vulnerabilities in ELECOM wireless LAN routers

Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score 6.8 CVE-2024-34021 OS Command Injection CWE-78...

8.8CVSS7.8AI score0.00846EPSS
Exploits0
NVD
NVD
added 2024/04/15 11:15 a.m.13 views

CVE-2024-26023

OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands...

4.2CVSS7.6AI score0.0055EPSS
Exploits0References2
NVD
NVD
added 2024/04/15 11:15 a.m.26 views

CVE-2024-23486

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials...

9.8CVSS6.7AI score0.00561EPSS
Exploits0References2
CVE
CVE
added 2024/04/15 10:51 a.m.66 views

CVE-2024-26023

CVE-2024-26023 affects BUFFALO wireless LAN routers. Affected component: BUFFALO WLR/WSR/WCR series firmware; vulnerability allows a logged-in user to execute arbitrary OS commands (OS command injection). Root cause and impact are described as command execution with local access; CVSS v3.1 base s...

4.2CVSS7.8AI score0.0055EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/15 10:50 a.m.22 views

CVE-2024-23486

Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials...

6.9AI score0.00561EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.4 views

PT-2024-21282 · Buffalo · Buffalo Wireless Lan Routers

Name of the Vulnerable Software and Affected Versions: BUFFALO wireless LAN routers affected versions not specified Description: The issue allows a logged-in user to execute arbitrary OS commands, which is an OS command injection vulnerability in BUFFALO wireless LAN routers. Recommendations: At...

4.2CVSS7.3AI score0.0055EPSS
Exploits0References7
Rows per page
Query Builder