70 matches found
EUVD-2017-18430
Malware in sbrugna...
EUVD-2023-42634
Malicious code in bioql PyPI...
EUVD-2023-42635
Malicious code in bioql PyPI...
EUVD-2023-42637
Malicious code in bioql PyPI...
EUVD-2023-42638
Malicious code in bioql PyPI...
EUVD-2023-42636
Malicious code in bioql PyPI...
CVE-2025-57293
A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...
CVE-2025-57293
A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...
PT-2025-38482
Name of the Vulnerable Software and Affected Versions COMFAST CF-XR11 version V2.7.2 Description A command injection issue exists in the multi pppoe API, processed by the sub 423930 function. The phy interface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST...
CVE-2025-57293
COMFAST CF-XR11 firmware V2.7.2 is affected by a command injection in the multi_pppoe API (sub_423930 in /usr/bin/webmgnt). The phy_interface parameter is not sanitized, allowing an attacker to inject commands via POST to /cgi-bin/mbox-config?method=SET§ion=multi_pppoe; when action=one_click_...
CVE-2025-57293
A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...
CVE-2025-57293
A command injection vulnerability in COMFAST CF-XR11 firmware V2.7.2 exists in the multipppoe API, processed by the sub423930 function in /usr/bin/webmgnt. The phyinterface parameter is not sanitized, allowing attackers to inject arbitrary commands via a POST request to...
CVE-2024-44466
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...
CVE-2023-38864
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protaldeletepicname parameter in the sub41171C function at bin/webmgnt...
CVE-2023-38865
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr...
CVE-2023-38866
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and displayname...
CVE-2023-38863
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub410074 function at bin/webmgnt...
CVE-2023-38862
An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub431F64 function in bin/webmgnt...
CVE-2024-44466
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...
CVE-2024-44466
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...