Total
2739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28496 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-28497 | 1 Totolink | 2 Cp900, Cp900 Firmware | 2025-02-25 | 9.8 Critical |
| TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the mtd_write_bootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2023-27581 | 1 Github-slug-action Project | 1 Github-slug-action | 2025-02-25 | 8.8 High |
| github-slug-action is a GitHub Action to expose slug value of GitHub environment variables inside of one's GitHub workflow. Starting in version 4.0.0` and prior to version 4.4.1, this action uses the `github.head_ref` parameter in an insecure way. This vulnerability can be triggered by any user on GitHub on any workflow using the action on pull requests. They just need to create a pull request with a branch name, which can contain the attack payload. This can be used to execute code on the GitHub runners and to exfiltrate any secrets one uses in the CI pipeline. A patched action is available in version 4.4.1. No workaround is available. | ||||
| CVE-2023-28110 | 1 Fit2cloud | 2 Jumpserver, Koko | 2025-02-25 | 5.7 Medium |
| Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the execution of dangerous commands that may disrupt the Koko container environment and affect normal usage. The vulnerability has been fixed in v2.28.8. | ||||
| CVE-2023-28425 | 1 Redis | 1 Redis | 2025-02-25 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. | ||||
| CVE-2025-1676 | 2025-02-25 | 6.3 Medium | ||
| A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1608 | 2025-02-24 | 6.3 Medium | ||
| A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/set_manpwd. The manipulation of the argument routepwd leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1609 | 2025-02-24 | 6.3 Medium | ||
| A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/set_cmd. The manipulation of the argument cmd leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1610 | 2025-02-24 | 6.3 Medium | ||
| A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/set_blacklist. The manipulation of the argument mac/enable leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1616 | 2025-02-24 | 4.7 Medium | ||
| A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1536 | 2025-02-21 | 7.3 High | ||
| A vulnerability was found in Raisecom Multi-Service Intelligent Gateway up to 20250208. It has been declared as critical. This vulnerability affects unknown code of the file /vpn/vpn_template_style.php of the component Request Parameter Handler. The manipulation of the argument stylenum leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-23149 | 1 Dek-1705 Project | 2 Dek-1705, Dek-1705 Firmware | 2025-02-20 | 9.8 Critical |
| DEK-1705 <=Firmware:34.23.1 device was discovered to have a command execution vulnerability. | ||||
| CVE-2023-26800 | 1 Ruijienetworks | 6 Rg-ew1200, Rg-ew1200 Firmware, Rg-ew1200g Pro and 3 more | 2025-02-20 | 9.8 Critical |
| Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function. | ||||
| CVE-2023-27796 | 1 Ruijienetworks | 6 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1800gx Pro and 3 more | 2025-02-20 | 8.8 High |
| RG-EW1200G PRO Wireless Routers EW_3.0(1)B11P204, RG-EW1800GX PRO Wireless Routers EW_3.0(1)B11P204, and RG-EW3200GX PRO Wireless Routers EW_3.0(1)B11P204 were discovered to contain multiple command injection vulnerabilities via the data.ip, data.protocal, data.iface and data.package parameters in the runPackDiagnose function of diagnose.lua. | ||||
| CVE-2023-26493 | 1 Cocos | 1 Cocos-engine | 2025-02-19 | 8.1 High |
| Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the `web-interface-check.yml` was subject to command injection. The `web-interface-check.yml` was triggered when a pull request was opened or updated and contained the user controllable field `(${{ github.head_ref }} – the name of the fork’s branch)`. This would allow an attacker to take over the GitHub Runner and run custom commands (potentially stealing secrets such as GITHUB_TOKEN) and altering the repository. The workflow has since been removed for the repository. There are no actions required of users. | ||||
| CVE-2023-28430 | 1 Onesignal | 1 React-native-onesignal | 2025-02-19 | 7.3 High |
| OneSignal is an email, sms, push notification, and in-app message service for mobile apps.The Zapier.yml workflow is triggered on issues (types: [closed]) (i.e., when an Issue is closed). The workflow starts with full write-permissions GitHub repository token since the default workflow permissions on Organization/Repository level are set to read-write. This workflow runs the following step with data controlled by the comment `(${{ github.event.issue.title }} – the full title of the Issue)`, allowing an attacker to take over the GitHub Runner and run custom commands, potentially stealing any secret (if used), or altering the repository. This issue was found with CodeQL using javascript’s Expression injection in Actions query. This issue has been addressed in the repositories github action. No actions are required by users. This issue is also tracked as `GHSL-2023-051`. | ||||
| CVE-2025-1448 | 2025-02-19 | 7.3 High | ||
| A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The manipulation of the argument retry leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-27232 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27231 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the downBw parameter at /setting/setWanIeCfg. | ||||
| CVE-2023-27229 | 1 Totolink | 2 A7100ru, A7100ru Firmware | 2025-02-18 | 9.8 Critical |
| TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the upBw parameter at /setting/setWanIeCfg. | ||||