A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The vulnerability is present in the SetStationSettings function. The system directly invokes the system function to e
Archer 6.11.00204.10014 allows attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applicat
The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized c
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate anot
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended comman
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the
web
Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary
U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. An
OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting uns
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate priv
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution.
Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS S
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system
A vulnerability, which was classified as critical, has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. This issue affects some unknown processing of the file /admin/network/
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for
Command injection vulnerability in the operating system in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2 through the 'GetDNS()', 'CheckPing()' and 'TraceRoute()' functions.
A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arb
DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function get_ip_addr_details of the file /view/vpn/sxh_vpn/sxh_vpnlic.php of the compon