Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-35735

Summary
Assigner-f5
Assigner Org ID-9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
Published At-04 Aug, 2022 | 17:50
Updated At-17 Sep, 2024 | 01:47
Rejected At-
Credits

BIG-IP monitor configuration vulnerability CVE-2022-35735

In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner leading to a privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:f5
Assigner Org ID:9dacffd4-cb11-413f-8451-fbbfd4ddc0ab
Published At:04 Aug, 2022 | 17:50
Updated At:17 Sep, 2024 | 01:47
Rejected At:
▼CVE Numbering Authority (CNA)
BIG-IP monitor configuration vulnerability CVE-2022-35735

In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner leading to a privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Products
Vendor
F5, Inc.F5
Product
BIG-IP
Versions
Affected
  • From 13.1.0 before 13.1.x* (custom)
  • From 14.1.x before 14.1.5.1 (custom)
  • From 15.1.x before 15.1.6.1 (custom)
  • From 16.1.x before 16.1.3.1 (custom)
Unaffected
  • From 17.0.0 before 17.0.x* (custom)
Problem Types
TypeCWE IDDescription
CWECWE-74CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Type: CWE
CWE ID: CWE-74
Description: CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Metrics
VersionBase scoreBase severityVector
3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.f5.com/csp/article/K13213418
x_refsource_MISC
Hyperlink: https://support.f5.com/csp/article/K13213418
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.f5.com/csp/article/K13213418
x_refsource_MISC
x_transferred
Hyperlink: https://support.f5.com/csp/article/K13213418
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:f5sirt@f5.com
Published At:04 Aug, 2022 | 18:15
Updated At:10 Aug, 2022 | 19:26

In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, an authenticated attacker with Resource Administrator or Manager privileges can create or modify existing monitor objects in the Configuration utility in an undisclosed manner leading to a privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches

F5, Inc.
f5
>>big-ip_access_policy_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_access_policy_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_access_policy_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_access_policy_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_firewall_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_firewall_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_firewall_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_advanced_firewall_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_analytics>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_analytics>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_analytics>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_analytics>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_acceleration_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_acceleration_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_acceleration_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_acceleration_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_application_security_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_domain_name_system>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_domain_name_system>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_domain_name_system>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_domain_name_system>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_fraud_protection_service>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_fraud_protection_service>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_fraud_protection_service>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_fraud_protection_service>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_global_traffic_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_global_traffic_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_global_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_global_traffic_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_link_controller>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_link_controller>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_link_controller>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_link_controller>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_local_traffic_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_local_traffic_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_local_traffic_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_local_traffic_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_policy_enforcement_manager>>Versions from 13.1.0(inclusive) to 13.1.5(inclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_policy_enforcement_manager>>Versions from 14.1.0(inclusive) to 14.1.5.1(exclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_policy_enforcement_manager>>Versions from 15.1.0(inclusive) to 15.1.6.1(exclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
F5, Inc.
f5
>>big-ip_policy_enforcement_manager>>Versions from 16.1.0(inclusive) to 16.1.3.1(exclusive)
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-74Primaryf5sirt@f5.com
CWE ID: CWE-74
Type: Primary
Source: f5sirt@f5.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://support.f5.com/csp/article/K13213418f5sirt@f5.com
Vendor Advisory
Hyperlink: https://support.f5.com/csp/article/K13213418
Source: f5sirt@f5.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

210Records found

CVE-2022-41617
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.10% / 61.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 21:19
Updated-08 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2022-41617

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, When the Advanced WAF / ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_advanced_web_application_firewallbig-ip_application_security_managerBIG-IP Advanced WAF & ASM
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-28695
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-0.84% / 53.46%
||
7 Day CHG+0.02%
Published-05 May, 2022 | 16:34
Updated-17 Sep, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On F5 BIG-IP AFM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, an authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_advanced_firewall_managerBIG-IP AFM
CWE ID-CWE-20
Improper Input Validation
CVE-2024-45844
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.6||HIGH
EPSS-10.58% / 95.23%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 14:12
Updated-21 Oct, 2025 | 11:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP monitors vulnerability

BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_global_traffic_managerbig-ip_application_acceleration_managerbig-ip_carrier-grade_natbig-ip_ddos_hybrid_defenderbig-ip_advanced_firewall_managerbig-ip_policy_enforcement_managerbig-ip_local_traffic_managerbig-ip_webacceleratorbig-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_fraud_protection_servicebig-ip_analyticsbig-ip_ssl_orchestratorbig-ip_edge_gatewaybig-ip_link_controllerbig-ip_container_ingress_servicesbig-ip_application_security_managerbig-ip_automation_toolchainbig-ip_domain_name_systembig-ip_application_visibility_and_reportingbig-ip_websafeBIG-IPbig-ip
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-27634
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.29% / 66.82%
||
7 Day CHG+0.03%
Published-05 May, 2022 | 16:12
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, BIG-IP APM does not properly validate configurations, allowing an authenticated attacker with high privileges to manipulate the APM policy leading to privilege escalation/remote code execution. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerBIG-IP APM
CWE ID-CWE-20
Improper Input Validation
CVE-2022-27806
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.7||HIGH
EPSS-1.45% / 70.27%
||
7 Day CHG-0.02%
Published-05 May, 2022 | 16:29
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_access_policy_managerbig-ip_advanced_web_application_firewallbig-ip_application_security_managerbig-ip_guided_configurationBIG-IP Guided Configuration (GC)BIG-IP (Advanced WAF, APM, ASM)
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-23009
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.11% / 61.97%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 19:11
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-iq_centralized_managementBIG-IQ Centralized Management
CWE ID-CWE-863
Incorrect Authorization
CVE-2026-41225
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.6||HIGH
EPSS-0.27% / 18.95%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-24 Jun, 2026 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iControl REST vulnerability

A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_security_managerbig-ip_container_ingress_servicesbig-ip_global_traffic_managerbig-ip_link_controllerbig-ip_application_acceleration_managerbig-ip_webacceleratorbig-ip_websafebig-ip_advanced_web_application_firewallbig-ip_ddos_hybrid_defenderbig-ip_application_visibility_and_reportingbig-ip_edge_gatewaybig-ip_analyticsbig-ip_advanced_firewall_managerbig-ip_domain_name_systembig-ip_access_policy_managerbig-ip_local_traffic_managerbig-ip_fraud_protection_servicebig-ip_automation_toolchainbig-ip_carrier-grade_natbig-ip_ssl_orchestratorbig-ip_policy_enforcement_managerBIG-IP
CWE ID-CWE-648
Incorrect Use of Privileged APIs
CVE-2026-39459
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-8.6||HIGH
EPSS-0.26% / 17.04%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 14:12
Updated-29 Jun, 2026 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iControl REST and tmsh vulnerability

A vulnerability exists in iControl REST and the TMOS Shell (tmsh) where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_security_managerbig-ip_container_ingress_servicesbig-ip_global_traffic_managerbig-ip_link_controllerbig-ip_application_acceleration_managerbig-ip_webacceleratorbig-ip_websafebig-ip_advanced_web_application_firewallbig-ip_ddos_hybrid_defenderbig-ip_application_visibility_and_reportingbig-ip_edge_gatewaybig-ip_analyticsbig-ip_advanced_firewall_managerbig-ip_domain_name_systembig-ip_access_policy_managerbig-ip_local_traffic_managerbig-ip_fraud_protection_servicebig-ip_automation_toolchainbig-ip_carrier-grade_natbig-ip_ssl_orchestratorbig-ip_policy_enforcement_managerBIG-IP
CWE ID-CWE-272
Least Privilege Violation
CVE-2024-22389
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-0.50% / 38.98%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 16:30
Updated-05 Sep, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP iControl REST API Vulnerability

When BIG-IP is deployed in high availability (HA) and an iControl REST API token is updated, the change does not sync to the peer device. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_policy_enforcement_managerbig-ip_link_controllerbig-ip_fraud_protection_servicebig-ip_application_acceleration_managerbig-iq_centralized_managementbig-ip_analyticsbig-ip_global_traffic_managerbig-ip_application_security_managerbig-ip_access_policy_managerbig-ip_advanced_firewall_managerbig-ip_local_traffic_managerbig-ip_domain_name_systemBIG-IPbig-ip
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2023-42768
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-0.53% / 41.05%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 12:34
Updated-19 Sep, 2024 | 13:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP iControl REST vulnerability

When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_webacceleratorbig-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_application_security_managerbig-ip_edge_gatewaybig-ip_advanced_web_application_firewallbig-ip_carrier-grade_natbig-ip_link_controllerbig-ip_application_visibility_and_reportingbig-ip_access_policy_managerbig-ip_websafebig-ip_advanced_firewall_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2023-28742
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.47% / 70.66%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 14:34
Updated-03 Feb, 2025 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP iQuery mesh vulnerability

When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_domain_name_systemBIG-IP
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-22990
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-8.84% / 94.56%
||
7 Day CHG~0.00%
Published-31 Mar, 2021 | 16:44
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, on systems with Advanced WAF or BIG-IP ASM provisioned, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_advanced_web_application_firewallbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerssl_orchestratorbig-ip_application_security_managerbig-ip_ddos_hybrid_defenderBIG-IP Advanced WAF or BIG-IP ASM
CVE-2021-23015
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.93%
||
7 Day CHG~0.00%
Published-10 May, 2021 | 14:40
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, and all versions of 16.0.x, when running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_ssl_orchestratorbig-ip_application_acceleration_managerbig-ip_advanced_web_application_firewallbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerbig-ip_ddos_hybrid_defenderBIG-IP
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-22982
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-0.99% / 58.27%
||
7 Day CHG~0.00%
Published-12 Feb, 2021 | 17:46
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_domain_name_systembig-ip_global_traffic_managerBIG-IP DNS and GTM
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-23024
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-5.35% / 91.64%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 14:35
Updated-03 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-iq_centralized_managementBIG-IQ
CVE-2020-5907
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.43% / 69.80%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 14:43
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CVE-2020-5873
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.39% / 68.90%
||
7 Day CHG~0.00%
Published-30 Apr, 2020 | 20:21
Updated-04 Aug, 2024 | 08:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure copy (scp) utility but does not have access to Advanced Shell (bash) can execute arbitrary commands using a maliciously crafted scp request.

Action-Not Available
Vendor-n/aF5, Inc.
Product-big-ip_application_acceleration_managerbig-iq_centralized_managementbig-ip_link_controllerbig-ip_fraud_protection_servicebig-ip_policy_enforcement_managerbig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IQBIG-IP
CVE-2019-6616
Matching Score-8
Assigner-F5, Inc.
ShareView Details
Matching Score-8
Assigner-F5, Inc.
CVSS Score-7.2||HIGH
EPSS-1.60% / 72.78%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 19:12
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_edge_gatewaybig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_access_policy_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)
CVE-2026-50107
Matching Score-6
Assigner-F5, Inc.
ShareView Details
Matching Score-6
Assigner-F5, Inc.
CVSS Score-8.6||HIGH
EPSS-0.49% / 38.73%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 20:04
Updated-22 Jun, 2026 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NGINX Gateway Fabric vulnerability

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition (CRD) access log format setting are rendered directly into NGINX configuration templates without sanitization or escaping. An authenticated attacker with permission to create or modify these CRDs may craft values that inject arbitrary NGINX configuration directives. This is a control plane issue; there is no data plane exposure from the vulnerability trigger itself. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-nginx_gateway_fabricNGINX Gateway Fabric
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-11311
Matching Score-6
Assigner-F5, Inc.
ShareView Details
Matching Score-6
Assigner-F5, Inc.
CVSS Score-8.6||HIGH
EPSS-0.57% / 42.90%
||
7 Day CHG-0.02%
Published-17 Jun, 2026 | 14:04
Updated-02 Jul, 2026 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NGINX Gateway Fabric vulnerability

When NGINX Plus is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition serverTokens field and the AuthenticationFilter Custom Resource Definition extraAuthArgs field are rendered directly into NGINX configuration templates without sanitization or escaping. An authenticated attacker with permission to create or modify these Custom Resource Definitions may craft values that inject arbitrary NGINX configuration directives. This is a control plane issue; there is no data plane exposure from the vulnerability trigger itself. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-nginx_gateway_fabricNGINX Gateway Fabric
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-76
Improper Neutralization of Equivalent Special Elements
CVE-2026-8724
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.39% / 30.66%
||
7 Day CHG~0.00%
Published-17 May, 2026 | 00:30
Updated-19 May, 2026 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dataease Data Dashboard SqlparserUtils.java SqlparserUtils.transFilter sql injection

A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-n/aDataEase (FIT2CLOUD Inc.)
Product-dataeaseDataease
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2022-43769
Matching Score-4
Assigner-Hitachi Vantara
ShareView Details
Matching Score-4
Assigner-Hitachi Vantara
CVSS Score-8.8||HIGH
EPSS-97.67% / 99.89%
||
7 Day CHG~0.00%
Published-03 Apr, 2023 | 17:47
Updated-24 Oct, 2025 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-03-24||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Hitachi Vantara Pentaho Business Analytics Server - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.

Action-Not Available
Vendor-Hitachi, Ltd.Hitachi Vantara LLC
Product-vantara_pentaho_business_analytics_serverPentaho Business Analytics ServerPentaho Business Analytics (BA) Server
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-41878
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.2||HIGH
EPSS-0.88% / 54.54%
||
7 Day CHG~0.00%
Published-10 Nov, 2022 | 00:00
Updated-23 Apr, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option. This issue is fixed in versions 4.10.19, and 5.3.2. If upgrade is not possible, the following Workarounds may be applied: Configure your firewall to only allow trusted servers to make request to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature.

Action-Not Available
Vendor-parseplatformparse-community
Product-parse-serverparse-server
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-16875
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-47.14% / 98.69%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 17:08
Updated-23 Feb, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Exchange Server Remote Code Execution Vulnerability

<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p>

Action-Not Available
Vendor-Microsoft Corporation
Product-exchange_serverMicrosoft Exchange Server 2019 Cumulative Update 5Microsoft Exchange Server 2019 Cumulative Update 6Microsoft Exchange Server 2016 Cumulative Update 16Microsoft Exchange Server 2016 Cumulative Update 17
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2025-14011
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.33% / 25.37%
||
7 Day CHG+0.01%
Published-04 Dec, 2025 | 17:32
Updated-24 Feb, 2026 | 06:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JIZHICMS Add Display Name Field addcomment.html commentlist sql injection

A vulnerability was found in JIZHICMS up to 2.5.5. Impacted is the function commentlist of the file /index.php/admins/Comment/addcomment.html of the component Add Display Name Field. Performing a manipulation of the argument aid/tid results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-jizhicmsn/a
Product-jizhicmsJIZHICMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-14012
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.33% / 25.37%
||
7 Day CHG+0.01%
Published-04 Dec, 2025 | 17:32
Updated-24 Feb, 2026 | 06:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JIZHICMS Batch Delete Comments deleteAll.html delete sql injection

A vulnerability was determined in JIZHICMS up to 2.5.5. The affected element is the function deleteAll/findAll/delete of the file /index.php/admins/Comment/deleteAll.html of the component Batch Delete Comments. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-jizhicmsn/a
Product-jizhicmsJIZHICMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-12927
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.27% / 18.43%
||
7 Day CHG+0.01%
Published-10 Nov, 2025 | 02:32
Updated-24 Feb, 2026 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DedeBIZ archives_add.php sql injection

A security vulnerability has been detected in DedeBIZ up to 6.3.2. The impacted element is an unknown function of the file /admin/archives_add.php. Such manipulation of the argument flags[] leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-dedebizn/a
Product-dedebizDedeBIZ
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2026-7833
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-2.34% / 81.53%
||
7 Day CHG~0.00%
Published-05 May, 2026 | 12:30
Updated-06 May, 2026 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-EFM
Product-ipTIME C200
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-12287
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.43% / 34.59%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 14:32
Updated-07 Jan, 2026 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bdtask Wholesale Inventory Control and Inventory Management System edit_profile sql injection

A security vulnerability has been detected in Bdtask Wholesale Inventory Control and Inventory Management System up to 20251013. This impacts an unknown function of the file /Admin_dashboard/edit_profile. Such manipulation of the argument first_name/last_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-bdtaskBdtask
Product-wholesaleWholesale Inventory Control and Inventory Management System
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-1173
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.60% / 44.47%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 04:31
Updated-28 Feb, 2025 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
1000 Projects Bookstore Management System process_users_del.php sql injection

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file process_users_del.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.

Action-Not Available
Vendor-1000 PROJECTS
Product-bookstore_management_systemBookstore Management System
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-11335
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.75% / 90.79%
||
7 Day CHG~0.00%
Published-06 Oct, 2025 | 12:32
Updated-19 Nov, 2025 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7100G C1 jhttpd msp_info.htm sub_46409C command injection

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub_46409C of the file /msp_info.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7100g_c1_firmwaredi-7100g_c1DI-7100G C1
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-39265
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.2||HIGH
EPSS-2.15% / 79.94%
||
7 Day CHG~0.00%
Published-06 Oct, 2022 | 00:00
Updated-22 Apr, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mail settings' command parameter injection in mybb

MyBB is a free and open source forum software. The _Mail Settings_ → Additional Parameters for PHP's mail() function mail_parameters setting value, in connection with the configured mail program's options and behavior, may allow access to sensitive information and Remote Code Execution (RCE). The vulnerable module requires Admin CP access with the `_Can manage settings?_` permission and may depend on configured file permissions. MyBB 1.8.31 resolves this issue with the commit `0cd318136a`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-MyBB
Product-mybbmybb
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-10993
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.36% / 28.41%
||
7 Day CHG~0.00%
Published-26 Sep, 2025 | 01:32
Updated-03 Oct, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MuYuCMS Template Management admin.php code injection

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.

Action-Not Available
Vendor-muyucmsn/a
Product-muyucmsMuYuCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-11071
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.32% / 23.58%
||
7 Day CHG~0.00%
Published-27 Sep, 2025 | 17:32
Updated-10 Oct, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SeaCMS Cron Task Management admin_cron.php sql injection

A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admin_cron.php of the component Cron Task Management Module. The manipulation of the argument resourcefrom/collectID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-seacmsn/a
Product-seacmsSeaCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-11668
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.41% / 32.93%
||
7 Day CHG~0.00%
Published-13 Oct, 2025 | 08:02
Updated-16 Oct, 2025 | 14:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Automated Voting System update_user.php sql injection

A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/update_user.php. This manipulation of the argument Password causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-Fabian RosSource Code & Projects
Product-automated_voting_systemAutomated Voting System
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2012-2931
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.44% / 69.96%
||
7 Day CHG~0.00%
Published-09 Jan, 2020 | 20:56
Updated-06 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.

Action-Not Available
Vendor-tinywebgalleryn/a
Product-tinywebgalleryn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2025-11903
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.57% / 43.23%
||
7 Day CHG~0.00%
Published-17 Oct, 2025 | 14:02
Updated-24 Feb, 2026 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
yanyutao0402 ChanCMS update sql injection

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-chancmsyanyutao0402
Product-chancmsChanCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-11331
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-17.35% / 96.74%
||
7 Day CHG-0.22%
Published-06 Oct, 2025 | 10:02
Updated-07 Oct, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IdeaCMS Website Name Config.php command injection

A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-ideacmsn/a
Product-ideacmsIdeaCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-11904
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.60% / 44.23%
||
7 Day CHG~0.00%
Published-17 Oct, 2025 | 15:02
Updated-24 Feb, 2026 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
yanyutao0402 ChanCMS hasUse sql injection

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function hasUse of the file /cms/model/hasUse. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-chancmsyanyutao0402
Product-chancmsChanCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-11944
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.52% / 40.58%
||
7 Day CHG~0.00%
Published-19 Oct, 2025 | 20:02
Updated-24 Feb, 2026 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
givanz Vvveb Raw SQL import.php import sql injection

A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: 52204b4a106b2fb02d16eee06a88a1f2697f9b35. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-vvvebgivanz
Product-vvvebVvveb
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-11902
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.57% / 43.23%
||
7 Day CHG~0.00%
Published-17 Oct, 2025 | 14:02
Updated-24 Feb, 2026 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
yanyutao0402 ChanCMS findField sql injection

A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. Affected by this vulnerability is the function findField of the file /cms/article/findField. Performing a manipulation of the argument cid results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-chancmsyanyutao0402
Product-chancmsChanCMS
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-10394
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.40% / 31.71%
||
7 Day CHG~0.00%
Published-14 Sep, 2025 | 06:32
Updated-14 Oct, 2025 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
fcba_zzm ics-park Smart Park Management System Scheduled Task JobController.java code injection

A vulnerability has been found in fcba_zzm ics-park Smart Park Management System 2.0. Affected is an unknown function of the file ruoyi-quartz/src/main/java/com/ruoyi/quartz/controller/JobController.java of the component Scheduled Task Module. Such manipulation leads to code injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-fcba_zzmfcba_zzm
Product-smart_park_management_systemics-park Smart Park Management System
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-10122
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.30% / 21.71%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 02:32
Updated-08 Oct, 2025 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Maccms10 Database.php rep sql injection

A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.

Action-Not Available
Vendor-maccmsn/a
Product-maccmsMaccms10
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-10087
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.36% / 28.47%
||
7 Day CHG~0.00%
Published-08 Sep, 2025 | 06:32
Updated-17 Nov, 2025 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Pet Grooming Management Software profit_report.php sql injection

A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/profit_report.php. Such manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-SourceCodestermayuri_k
Product-pet_grooming_management_softwarePet Grooming Management Software
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-0528
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.6||HIGH
EPSS-5.81% / 92.24%
||
7 Day CHG~0.00%
Published-17 Jan, 2025 | 14:31
Updated-28 May, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac10_firmwareac18_firmwareac18ac10ac8_firmwareac8AC8AC18AC10
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-37108
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.7||HIGH
EPSS-0.97% / 57.75%
||
7 Day CHG~0.00%
Published-07 Sep, 2022 | 13:06
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab files. The patch for this was present in SNYPR version 6.4 Jun 2022 R3_[06170871], but may have been introduced sooner.

Action-Not Available
Vendor-securonixn/a
Product-snyprn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2022-36323
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-9.1||CRITICAL
EPSS-1.32% / 67.35%
||
7 Day CHG~0.00%
Published-10 Aug, 2022 | 11:18
Updated-14 Apr, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

Action-Not Available
Vendor-Siemens AG
Product-scalance_xp208_\(eip\)_firmwarescalance_xr528-6m_l3scalance_xc208g_eec_firmwarescalance_m-800_firmwarescalance_xm416-4c_l3scalance_xr-300eecscalance_xc206-2sfp_g_firmwarescalance_xr324wg_firmwarescalance_w700_ieee_802.11ac_firmwarescalance_xc-200scalance_xb208_firmwarescalance_xb213-3ld_firmwarescalance_xc208g_poe_firmwarescalance_xm408-4c_firmwarescalance_xm416-4cscalance_xr528-6m_firmwarescalance_xc206-2scalance_xr528-6m_2hr2_l3scalance_xp208eecscalance_xr552-12m_2hr2_l3scalance_xp-200scalance_xc206-2sfp_eecscalance_xc216_firmwarescalance_xp216_firmwarescalance_xr528-6mscalance_xr526-8c_firmwarescalance_xb216scalance_xr328-4c_wg_firmwarescalance_xr526_firmwarescalance_xr552scalance_xp208eec_firmwarescalance_xf204-2ba_irt_firmwarescalance_sc646-2c_firmwarescalance_xr-300wgscalance_xp208scalance_xc206-2g_poe__firmwarescalance_xr526scalance_xc224_scalance_xr552-12m_firmwarescalance_xr324-4m_poe_firmwarescalance_xm408-4c_l3scalance_xr552-12m_2hr2scalance_xr552-12scalance_xb213-3_firmwarescalance_sc622-2cscalance_xf204-2ba_dnascalance_xp208poe_eec_firmwarescalance_xc224-4c_g_eec_firmwarescalance_xr326-2c_poe_wg_firmwarescalance_xp216eec_firmwarescalance_xc208g_\(e\/ip\)scalance_xc224-4c_g_scalance_xm416-4c_l3_firmwarescalance_xr524_firmwarescalance_xr524-8cscalance_xc216scalance_xc224-4c_g_\(e\/ip\)scalance_xc216-4c_g_\(e\/ip\)scalance_xc216-4c_g_\(e\/ip\)_firmwarescalance_xb208scalance_xp216eecscalance_xc208eec_firmwarescalance_xc208gscalance_xr524-8c_l3scalance_sc646-2cscalance_xr552-12_firmwarescalance_xr324-4m_eec_firmwarescalance_xc216eec_firmwarescalance_xm408-4cscalance_xr-300eec_firmwarescalance_xr500scalance_xc216-4c_firmwarescalance_xb-200scalance_xb-200_firmwarescalance_xc216eecscalance_w700_ieee_802.11nscalance_xr324-4m_eecscalance_xc216-4c_gscalance_xr324-4m_poe_tsscalance_xc208_firmwarescalance_xp216poe_eec_firmwarescalance_xr528-6m_l3_firmwarescalance_xc224-4c_g_\(e\/ip\)_firmwarescalance_sc636-2c_firmwarescalance_xp208_\(eip\)scalance_sc642-2c_firmwarescalance_xr528scalance_xb205-3ldscalance_xr326-2c_poe_wgscalance_xc216-4c_g_eec_firmwarescalance_xr528-6m_2hr2scalance_xf-200ba_firmwarescalance_xm408-8c_l3scalance_sc-600_firmwarescalance_xb205-3ld_firmwarescalance_xc206-2g_poe_scalance_xm408-4c_l3_firmwarescalance_xr552-12mscalance_xm400scalance_xc208eecscalance_xb213-3ldscalance_xr524-8c_firmwarescalance_xr-300poe_firmwarescalance_sc632-2c_firmwarescalance_xr324-12m_firmwarescalance_xr528_firmwarescalance_xr-300_firmwarescalance_xc-200_firmwarescalance_xc224-4c_g_eecscalance_xb205-3scalance_xc206-2sfp_gscalance_xr526-8c_l3_firmwarescalance_xm416-4c_firmwarescalance_xc216-4cscalance_xr324-4m_poescalance_xr528-6m_2hr2_firmwarescalance_xc224-4c_g__firmwarescalance_xr328-4c_wgscalance_xb216_firmwarescalance_sc622-2c_firmwarescalance_xr526-8c_l3scalance_sc642-2cscalance_xc208g_firmwarescalance_xr324wgscalance_sc632-2cscalance_xc208scalance_xr324-12m_tsscalance_xp216_\(eip\)scalance_xb213-3scalance_xc208g_poescalance_xr500_firmwarescalance_xm408-8c_firmwarescalance_xr-300poescalance_w700_ieee_802.11acscalance_xc206-2sfp_g_\(e\/ip\)_firmwarescalance_xr-300wg_firmwarescalance_xm408-8cscalance_w700_ieee_802.11ax_firmwarescalance_xc206-2sfp_g_eecscalance_xp216scalance_m-800scalance_xr-300scalance_xp208_firmwarescalance_xp208poe_eecscalance_xm408-8c_l3_firmwarescalance_xf-200bascalance_xc208g_\(e\/ip\)_firmwarescalance_xm400_firmwarescalance_xc206-2sfp_g_\(e\/ip\)scalance_xc206-2sfp_eec_firmwarescalance_w700_ieee_802.11axscalance_xf204-2ba_dna_firmwarescalance_w700_ieee_802.11n_firmwarescalance_xc216-4c_g_firmwarescalance_xc208g_eecscalance_xc206-2_firmwarescalance_xp216poe_eecscalance_xr524-8c_l3_firmwarescalance_sc636-2cscalance_xr526-8cscalance_xr528-6m_2hr2_l3_firmwarescalance_xp-200_firmwarescalance_s615scalance_xr324-4m_poe_ts_firmwarescalance_xr552-12m_2hr2_l3_firmwarescalance_sc-600scalance_xc206-2g_poe_eecscalance_xb205-3_firmwarescalance_xr324-12m_ts_firmwarescalance_xr552_firmwarescalance_s615_firmwarescalance_xr524scalance_xp216_\(eip\)_firmwarescalance_xc206-2g_poe_eec_firmwarescalance_xf204-2ba_irtscalance_xr324-12mscalance_xc224__firmwarescalance_xr552-12m_2hr2_firmwarescalance_xc216-4c_g_eecscalance_xc206-2sfp_g_eec_firmwareSCALANCE M876-4 (EU)SCALANCE WAM763-1SCALANCE W1748-1 M12SCALANCE XC224-4C G (EIP Def.)SCALANCE W734-1 RJ45 (USA)SCALANCE XC206-2SFP GSCALANCE XR524-8C, 24VSCALANCE XC206-2 (SC)SCALANCE XB205-3 (SC, PN)SCALANCE XC216-4CSCALANCE SC646-2CSCALANCE XC206-2G PoE (54 V DC)SCALANCE XR328-4C WG (28xGE, DC 24V)SIPLUS NET SCALANCE XC206-2SCALANCE XP216EECSCALANCE XC216EECSCALANCE XR324WG (24 x FE, AC 230V)SCALANCE XB213-3 (ST, E/IP)SCALANCE XB208 (PN)SCALANCE XR552-12M (2HR2, L3 int.)SCALANCE M826-2 SHDSL-RouterSCALANCE XR328-4C WG (24XFE, 4XGE, 24V)SCALANCE W1788-2 M12SCALANCE W786-1 RJ45SCALANCE S615 LAN-RouterSCALANCE W774-1 M12 EECSCALANCE WUM766-1 (USA)SCALANCE XP216SCALANCE W778-1 M12 EECSCALANCE XP216POE EECSCALANCE W761-1 RJ45SCALANCE W722-1 RJ45SCALANCE XP208SCALANCE W1788-2 EEC M12SCALANCE SC642-2CSCALANCE XR526-8C, 24V (L3 int.)SCALANCE XC208GSCALANCE XR328-4C WG (24xFE,4xGE,AC230V)SCALANCE XR528-6M (2HR2)SCALANCE SC632-2CSCALANCE XC224SCALANCE XM408-4C (L3 int.)SCALANCE XB213-3 (SC, PN)SIPLUS NET SCALANCE XC208SCALANCE M812-1 ADSL-RouterSCALANCE XC206-2G PoESCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)SCALANCE XC208G PoE (54 V DC)SCALANCE WAM766-1 EEC (US)SCALANCE W778-1 M12 EEC (USA)SCALANCE W786-2IA RJ45SCALANCE XB213-3 (SC, E/IP)SCALANCE XR526-8C, 24VSCALANCE XC208SCALANCE XB208 (E/IP)SCALANCE XR552-12MSCALANCE XP216 (Ethernet/IP)SCALANCE XB205-3 (ST, E/IP)SCALANCE M876-3 (ROK)SCALANCE MUM853-1 (EU)SCALANCE XF204-2BASCALANCE XR326-2C PoE WGSCALANCE XR526-8C, 1x230V (L3 int.)SCALANCE W774-1 RJ45 (USA)SCALANCE XC216-3G PoE (54 V DC)SCALANCE WAM766-1 EECSCALANCE XR526-8C, 2x230VSCALANCE XC206-2SFP G (EIP DEF.)SCALANCE XR528-6M (L3 int.)SCALANCE XM408-4CSCALANCE XR526-8C, 1x230VSCALANCE XR524-8C, 24V (L3 int.)SCALANCE M874-3SCALANCE XM408-8CSCALANCE M876-4 (NAM)SCALANCE W786-2 SFPSCALANCE W738-1 M12SCALANCE XC208G (EIP def.)SCALANCE XC224-4C G EECSCALANCE W1788-2IA M12SCALANCE W774-1 RJ45SCALANCE XC206-2SFP EECSCALANCE XM416-4CSCALANCE XC216-3G PoESCALANCE XR524-8C, 2x230VSCALANCE XR528-6M (2HR2, L3 int.)SCALANCE XB205-3LD (SC, E/IP)SCALANCE XC216-4C G EECSCALANCE WUM766-1SCALANCE XC216-4C GSCALANCE XB213-3LD (SC, E/IP)SCALANCE W721-1 RJ45SCALANCE XR326-2C PoE WG (without UL)SCALANCE XR324WG (24 X FE, DC 24V)SCALANCE W748-1 RJ45SCALANCE W788-2 RJ45SCALANCE XR524-8C, 1x230VSCALANCE XR524-8C, 1x230V (L3 int.)SCALANCE MUM856-1 (EU)SCALANCE XC206-2SFP G EECSCALANCE M874-2SCALANCE W734-1 RJ45SCALANCE W748-1 M12SCALANCE XF204-2BA DNASCALANCE XB213-3LD (SC, PN)SCALANCE XC224-4C GSCALANCE XR526-8C, 2x230V (L3 int.)SCALANCE SC626-2CSCALANCE XP208EECSCALANCE XF204 DNASCALANCE XR528-6MSCALANCE WAM766-1SCALANCE W788-1 RJ45SCALANCE M816-1 ADSL-RouterSCALANCE W1788-1 M12SCALANCE W786-2 RJ45SCALANCE XP208 (Ethernet/IP)RUGGEDCOM RM1224 LTE(4G) EUSCALANCE XB205-3 (ST, PN)SCALANCE XB216 (E/IP)SCALANCE XC208G PoESCALANCE XC216-4C G (EIP Def.)SCALANCE W788-2 M12SCALANCE WAM766-1 (US)SCALANCE XC206-2 (ST/BFOC)SCALANCE XP208PoE EECSCALANCE XR524-8C, 2x230V (L3 int.)SCALANCE M804PBSCALANCE W788-1 M12SCALANCE XC206-2G PoE EEC (54 V DC)SCALANCE M876-3SCALANCE XR552-12M (2HR2)SCALANCE XC206-2SFPSCALANCE SC636-2CSCALANCE XM408-8C (L3 int.)SCALANCE XM416-4C (L3 int.)SCALANCE W788-2 M12 EECSCALANCE XB216 (PN)SCALANCE XC216SCALANCE XF204SIPLUS NET SCALANCE XC216-4CSCALANCE XB205-3LD (SC, PN)SCALANCE SC622-2CSCALANCE WUM763-1SCALANCE MUM856-1 (RoW)SIPLUS NET SCALANCE XC206-2SFPSCALANCE W778-1 M12SCALANCE XB213-3 (ST, PN)SCALANCE XC208EECSCALANCE XC208G EECRUGGEDCOM RM1224 LTE(4G) NAMSCALANCE XR328-4C WG (28xGE, AC 230V)
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-5338
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.35% / 90.06%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 14:00
Updated-07 Apr, 2026 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda G103 Setting system.lua action_set_system_settings command injection

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-g103g103_firmwareG103
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-56838
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.37% / 28.69%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-56839
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-8.6||HIGH
EPSS-0.57% / 43.18%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 10:44
Updated-13 Jan, 2026 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Code injection can be achieved when the affected device is using VRF (Virtual Routing and Forwarding). An attacker could leverage this scenario to execute arbitrary code as root user.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rox_ii_firmwareruggedcom_rox_iiRUGGEDCOM ROX RX1501RUGGEDCOM ROX RX5000RUGGEDCOM ROX RX1536RUGGEDCOM ROX MX5000RUGGEDCOM ROX RX1512RUGGEDCOM ROX RX1511RUGGEDCOM ROX RX1400RUGGEDCOM ROX RX1524RUGGEDCOM ROX RX1510RUGGEDCOM ROX RX1500RUGGEDCOM ROX MX5000RE
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found