A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file co
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file
This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the
Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character len
A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authen
An OS
command injection vulnerability exists in the VPN module of TP-Link Archer AX12
v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an
adjacent, authenticated attacker to ex
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a
An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interfa
Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary
A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.3)C0 and earlier could allow an authenticated attacker with
A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub_412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. Thi
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information.
A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated att
A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) and Archer AXE75 v1.0 allows adjacent
authenticated
attacker to execute arbitrary code. Successful exploitation coul
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform
A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction prior V21.1. Improper input valida
A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request.
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda Technology Co., Ltd. (Jixiang Tenda) v.DI_7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An atta
Page 1+ Next →