Lucene search
K

70 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18430

Malware in sbrugna...

5.5CVSS5.6AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42638

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02091EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42637

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02091EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42634

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01081EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42636

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01081EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-42635

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/09/20 12:30 a.m.12 views

CVE-2025-57293

A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...

8.8CVSS7.8AI score0.01679EPSS
Exploits1References1
OSV
OSV
added 2025/09/18 9:15 p.m.5 views

CVE-2025-57293

A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...

8.8CVSS6.2AI score0.01679EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.12 views

PT-2025-38482

Name of the Vulnerable Software and Affected Versions COMFAST CF-XR11 version V2.7.2 Description A command injection issue exists in the multi pppoe API, processed by the sub 423930 function. The phy interface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST...

8.8CVSS7.5AI score0.01679EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/09/18 12:0 a.m.12 views

CVE-2025-57293

A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...

0.01679EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/18 12:0 a.m.4 views

CVE-2025-57293

A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...

7.4AI score0.01679EPSS
Exploits1References1
CVE
CVE
added 2025/09/18 12:0 a.m.19 views

CVE-2025-57293

COMFAST CF-XR11 firmware V2.7.2 is affected by a command injection in the multi_pppoe API (sub_423930 in /usr/bin/webmgnt). The phy_interface parameter is not sanitized, allowing an attacker to inject commands via POST to /cgi-bin/mbox-config?method=SET&section=multi_pppoe; when action=one_click_...

8.8CVSS7.5AI score0.01679EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 6:51 a.m.9 views

CVE-2024-44466

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...

9.8CVSS9.7AI score0.10734EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.17 views

CVE-2023-38865

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr...

9.8CVSS7.7AI score0.02091EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.10 views

CVE-2023-38864

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protaldeletepicname parameter in the sub41171C function at bin/webmgnt...

9.8CVSS7.8AI score0.01081EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.8 views

CVE-2023-38866

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and displayname...

9.8CVSS7.7AI score0.02091EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:9 a.m.10 views

CVE-2023-38863

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub410074 function at bin/webmgnt...

9.8CVSS7.8AI score0.01081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.8 views

CVE-2023-38862

An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub431F64 function in bin/webmgnt...

9.8CVSS7.8AI score0.01081EPSS
Exploits1References1
NVD
NVD
added 2024/09/11 4:15 p.m.23 views

CVE-2024-44466

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...

9.8CVSS0.10734EPSS
Exploits1References1
OSV
OSV
added 2024/09/11 4:15 p.m.3 views

CVE-2024-44466

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...

9.8CVSS5.8AI score0.10734EPSS
Exploits1References1
Rows per page
Query Builder