Lucene search
K

1453 matches found

CNVD
CNVD
added 2025/09/16 12:0 a.m.3 views

Wavlink WL-WN578W2 sub_409184 Command Injection Vulnerability

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. A command injection vulnerability exists in Wavlink WL-WN578W2 version 221110, which originates from the parameter selEncrypTyp of the function sub409184 in the file /wizardrep.shtml that fails to correctly filter the constructor...

9.8CVSS7.8AI score0.08082EPSS
Exploits1References1
OSV
OSV
added 2025/09/12 7:15 p.m.4 views

CVE-2025-10323

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub409184 of the file /wizardrep.shtml. The manipulation of the argument selEncrypTyp results in command injection. The attack may be performed from remote. The exploit has been made public and could be...

9.8CVSS5.5AI score0.08082EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/09/12 7:2 p.m.8 views

CVE-2025-10323 Wavlink WL-WN578W2 wizard_rep.shtml sub_409184 command injection

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub409184 of the file /wizardrep.shtml. The manipulation of the argument selEncrypTyp results in command injection. The attack may be performed from remote. The exploit has been made public and could be...

7.5CVSS0.08082EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/12 7:2 p.m.3 views

CVE-2025-10323 Wavlink WL-WN578W2 wizard_rep.shtml sub_409184 command injection

A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function sub409184 of the file /wizardrep.shtml. The manipulation of the argument selEncrypTyp results in command injection. The attack may be performed from remote. The exploit has been made public and could be...

7.5CVSS6.4AI score0.08082EPSS
Exploits1References4
CVE
CVE
added 2025/09/12 7:2 p.m.15 views

CVE-2025-10323

CVE-2025-10323 affects Wavlink WL-WN578W2 (firmware 221110). A command injection exists in the function sub_409184 of the file wizard_rep.shtml, exploitable via the sel_EncrypTyp parameter. Public exploit evidence and remote execution potential are stated across CNVD/CNNVD/PT-2025-37342 entries; ...

9.8CVSS6.4AI score0.08082EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.3 views

Wavlink WL-WN578W2 命令注入漏洞

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. A command injection vulnerability exists in Wavlink WL-WN578W2 version 221110, which originates from the parameter selEncrypTyp of the function sub409184 in the file /wizardrep.shtml that fails to correctly filter the constructor...

9.8CVSS7.7AI score0.08082EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.9 views

PT-2025-37342

Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN578W2 version 221110 Description: A command injection issue exists in the function sub 409184 of the file /wizard rep.shtml. The manipulation of the argument sel EncrypTyp can lead to command injection. This issue is exploitable...

7.5CVSS7.5AI score0.08082EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-2421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Setup Wizard in Android 5.1.x before 5.1.1 and 6.x before 2016-04-01 allows physically proximate attackers to bypass the Factory Reset Protection protection...

6.6CVSS6.9AI score0.00168EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/05 5:27 a.m.6 views

CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard...

6.1CVSS6.5AI score0.00153EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.3 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : KMail Account Wizard vulnerability (USN-7732-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7732-1 advisory. It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. A...

5.9CVSS6AI score0.0025EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/04 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-7732-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.0025EPSS
Exploits0References2
NVD
NVD
added 2025/09/03 6:15 a.m.13 views

CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard...

6.1CVSS0.00153EPSS
Exploits0References1
OSV
OSV
added 2025/09/03 6:15 a.m.3 views

CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard...

4.6CVSS5.8AI score
Exploits0References1
CVE
CVE
added 2025/09/03 5:17 a.m.59 views

CVE-2023-21482

The Samsung Camera app contains a Missing authorization vulnerability that affects specific versions prior to 11.1.02.18 (Android 11), 12.1.03.8 (Android 12), and 13.1.01.4 (Android 13). The issue allows a physical attacker to install a package through Galaxy Store before the Setup wizard complet...

6.1CVSS6AI score0.00153EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/09/03 5:17 a.m.9 views

CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard...

6.1CVSS0.00153EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 5:17 a.m.5 views

CVE-2023-21482

Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard...

6.1CVSS6AI score0.00153EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.9 views

PT-2025-35674

Name of the Vulnerable Software and Affected Versions: Camera versions prior to 11.1.02.18 Camera versions prior to 12.1.03.8 Camera versions prior to 13.1.01.4 Description: A missing authorization issue exists in the Camera application. This allows a physical attacker to install a package throug...

6.1CVSS6.1AI score0.00153EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2025/09/02 8:8 p.m.2 views

USN-7732-1: KMail Account Wizard vulnerability

It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. An attacker could possibly use this issue to cause email clients to use an attacker-controlled email server...

5.9CVSS5.9AI score0.0025EPSS
Exploits0
OSV
OSV
added 2025/09/02 8:8 p.m.4 views

USN-7732-1 kmail-account-wizard vulnerability

It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. An attacker could possibly use this issue to cause email clients to use an attacker-controlled email server...

5.9CVSS5.8AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-50624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle attackers to trigger use of an attacker-controlled mail server because cleartext HTTP is use...

5.9CVSS7.1AI score0.0025EPSS
Exploits0References2
Rows per page
Query Builder