ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi Remote Code Execution vulnerability.
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
A vulnerability was found in Intelbras WRN 150 1.0.15_pt_ITB01. It has been rated as problematic. This issue affects some unknown processing of the component Wireless Menu. The manipulation of the arg
A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7-layer Flow Control Router via a specially-crafted HTTP GET request to the t parameter. Insufficient input
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput() function.
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perfor
A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack.
CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service,
privilege escalation, and potentially kernel execution when a malicious actor with local user
access cr
Buffer Overflow vulnerability in Ardupilot rover commit v.c56439b045162058df0ff136afea3081fcd06d38 allows a local attacker to cause a denial of service via the AP_InertialSensor_ADIS1647x.cpp, ArduRov
A stack-based buffer overflow vulnerability exists in the boa getInfo functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such man
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulat
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has been classified as critical. Affected is an unknown function of the file /admin/network/wifi_schedule.
Windows Hyper-V Remote Code Execution Vulnerability
TP-LINK TL-WDR5620 v2.3 was discovered to contain a remote code execution (RCE) vulnerability via the httpProcDataSrv function.
Page 1+ Next →