Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-8693

Summary
Assigner-Zyxel
Assigner Org ID-96e50032-ad0d-4058-a115-4d2c13821f9f
Published At-18 Nov, 2025 | 01:25
Updated At-26 Feb, 2026 | 16:56
Rejected At-
Credits

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Zyxel
Assigner Org ID:96e50032-ad0d-4058-a115-4d2c13821f9f
Published At:18 Nov, 2025 | 01:25
Updated At:26 Feb, 2026 | 16:56
Rejected At:
▼CVE Numbering Authority (CNA)

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Affected Products
Vendor
Zyxel Networks CorporationZyxel
Product
DX3300-T0 firmware
Default Status
unaffected
Versions
Affected
  • <= 5.50(ABVY.6.3)C0
Problem Types
TypeCWE IDDescription
CWECWE-78CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025
vendor-advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@zyxel.com.tw
Published At:18 Nov, 2025 | 02:15
Updated At:15 Dec, 2025 | 14:03

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50(ABVY.6.3)C0 and earlier could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

Zyxel Networks Corporation
zyxel
>>dm4200-b0_firmware>>Versions up to 5.17\(acbs.1.3\)c0(inclusive)
cpe:2.3:o:zyxel:dm4200-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dm4200-b0>>-
cpe:2.3:h:zyxel:dm4200-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t0_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t0>>-
cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t1_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3300-t1>>-
cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3301-t0_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx3301-t0>>-
cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b1_firmware>>Versions up to 5.17\(abyl.9\)c0(inclusive)
cpe:2.3:o:zyxel:dx4510-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx4510-b1>>-
cpe:2.3:h:zyxel:dx4510-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b0_firmware>>Versions up to 5.17\(abyo.7\)b2(inclusive)
cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b0>>-
cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b1_firmware>>Versions up to 5.17\(abyo.7\)b2(inclusive)
cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>dx5401-b1>>-
cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee3301-00_firmware>>Versions up to 5.63\(acmu.1.1\)c0(inclusive)
cpe:2.3:o:zyxel:ee3301-00_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee3301-00>>-
cpe:2.3:h:zyxel:ee3301-00:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee5301-00_firmware>>Versions up to 5.63\(acld.1.1\)c0(inclusive)
cpe:2.3:o:zyxel:ee5301-00_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee5301-00>>-
cpe:2.3:h:zyxel:ee5301-00:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee6510-10_firmware>>Versions up to 5.19\(acjq.3\)c0(inclusive)
cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ee6510-10>>-
cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0>>-
cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0_firmware>>Versions up to 5.50\(acdi.2.1\)c0(inclusive)
cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t0>>-
cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t1_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3300-t1>>-
cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3301-t0_firmware>>Versions up to 5.50\(abvy.6.3\)c0(inclusive)
cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3301-t0>>-
cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3500-t0_firmware>>Versions up to 5.44\(achr.4\)c0(inclusive)
cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3500-t0>>-
cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3501-t0_firmware>>Versions up to 5.44\(achr.4\)c0(inclusive)
cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3501-t0>>-
cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b0_firmware>>Versions up to 5.17\(abup.15\)c0(inclusive)
cpe:2.3:o:zyxel:ex3510-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b0>>-
cpe:2.3:h:zyxel:ex3510-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b1_firmware>>Versions up to 5.17\(abup.15\)c0(inclusive)
cpe:2.3:o:zyxel:ex3510-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3510-b1>>-
cpe:2.3:h:zyxel:ex3510-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3600-t0_firmware>>Versions up to 5.70\(acif.1.2\)c0(inclusive)
cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex3600-t0>>-
cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5401-b0_firmware>>Versions up to 5.17\(abyo.7\)b2(inclusive)
cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5401-b0>>-
cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5401-b1_firmware>>Versions up to 5.17\(abyo.7\)b2(inclusive)
cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5401-b1>>-
cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5501-b0_firmware>>Versions up to 5.17\(abry.5.5\)c0(inclusive)
cpe:2.3:o:zyxel:ex5501-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5501-b0>>-
cpe:2.3:h:zyxel:ex5501-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5510-b0_firmware>>Versions up to 5.17\(abqx.10\)c0(inclusive)
cpe:2.3:o:zyxel:ex5510-b0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5510-b0>>-
cpe:2.3:h:zyxel:ex5510-b0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5512-t0_firmware>>Versions up to 5.70\(aceg.5\)c0(inclusive)
cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5512-t0>>-
cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5601-t0_firmware>>Versions up to 5.70\(acdz.4.1\)c0(inclusive)
cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*
Zyxel Networks Corporation
zyxel
>>ex5601-t0>>-
cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-78Secondarysecurity@zyxel.com.tw
CWE ID: CWE-78
Type: Secondary
Source: security@zyxel.com.tw
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025security@zyxel.com.tw
Vendor Advisory
Hyperlink: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-uncontrolled-resource-consumption-and-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-security-routers-and-wireless-extenders-11-18-2025
Source: security@zyxel.com.tw
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1143Records found

CVE-2023-5372
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-28.47% / 97.89%
||
7 Day CHG~0.00%
Published-30 Jan, 2024 | 00:55
Updated-23 Aug, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device’s web management interface.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas326nas542_firmwarenas542nas326_firmwareNAS542 firmwareNAS326 firmwarenas542_firmwarenas326_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-27988
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.42% / 69.50%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 00:00
Updated-14 Jan, 2025 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The post-authentication command injection vulnerability in the Zyxel NAS326 firmware versions prior to V5.21(AAZF.13)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands on an affected device remotely.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas542nas540nas540_firmwarenas542_firmwarenas326nas326_firmwareNAS326 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-4029
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-8.8||HIGH
EPSS-0.76% / 50.59%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 14:25
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary OS commands via a LAN interface.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nbg6816nbg6816_firmwarenbg6817_firmwarenbg6817ARMOR Z2 (NBG6817) firmwareARMOR Z1 (NBG6816) firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-4039
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-71.05% / 99.33%
||
7 Day CHG~0.00%
Published-01 Mar, 2022 | 06:40
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could allow an attacker to execute arbitrary OS commands on the device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nwa1100-nhnwa1100-nh_firmwareNWA1100-NH firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-4473
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-9.8||CRITICAL
EPSS-41.35% / 98.50%
||
7 Day CHG~0.00%
Published-30 Nov, 2023 | 01:40
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-nas326nas542_firmwarenas542nas326_firmwareNAS326 firmwareNAS542 firmwarenas542_firmwarenas326_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-18372
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-21.89% / 97.35%
||
7 Day CHG~0.00%
Published-02 May, 2019 | 16:15
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373.

Action-Not Available
Vendor-billionn/aZyxel Networks Corporation
Product-5200w-t_firmwarep660hn-t1a_v25200w-tp660hn-t1a_v1_firmwarep660hn-t1a_v2_firmwarep660hn-t1a_v1n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-18368
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-94.51% / 99.84%
||
7 Day CHG~0.00%
Published-02 May, 2019 | 16:14
Updated-05 Nov, 2025 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-08-28||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the ViewLog.asp page and can be exploited through the remote_host parameter.

Action-Not Available
Vendor-billionn/aZyxel Networks Corporation
Product-5200w-tp660hn-t1a_v1_firmwarep660hn-t1a_v2_firmwarep660hn-t1a_v25200w-t_firmwarep660hn-t1a_v1n/aP660HN-T1A Routers
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2017-15226
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.22% / 80.54%
||
7 Day CHG~0.00%
Published-10 Oct, 2017 | 23:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zyxel NBG6716 V1.00(AAKG.9)C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nbg6716_firmwarenbg6716n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-1459
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-0.90% / 55.31%
||
7 Day CHG~0.00%
Published-24 Feb, 2026 | 02:48
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-emg3525-t50bemg5523-t50b_firmwaredx5401-b1_firmwareemg3525-t50b_firmwarevmg3625-t50c_firmwarevmg8623-t50b_firmwarevmg3625-t50cvmg3625-t50bdx5401-b1emg5523-t50bvmg3625-t50b_firmwarevmg8623-t50bVMG3625-T50B firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-1460
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.16% / 63.20%
||
7 Day CHG~0.00%
Published-28 Apr, 2026 | 02:06
Updated-29 Apr, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-DX3301-T0 firmwareEX3301-T0 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35031
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.46% / 36.86%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 10:36
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and XGS1250 series firmware, which could allow an authenticated LAN user to execute arbitrary OS commands via the GUI of the vulnerable device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpxgs1250-12gs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwarexgs1210-12xgs1250-12_firmwaregs1900-24hp_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16xgs1210-12_firmwaregs1900-24hpGS1900 series firmwareXGS1210 series firmwareXGS1250 series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-8078
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.2||HIGH
EPSS-1.50% / 71.07%
||
7 Day CHG~0.00%
Published-21 Oct, 2025 | 01:49
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on the affected device by passing a crafted string as an argument to a CLI command.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-usg_flex_100atp100atp200usg_flex_50axusg_flex_100axatp800usg_flex_100wusg_flex_500usg_flex_50zldatp100wusg_flex_200atp700usg_flex_50wusg_20w-vpnusg_flex_700atp500ATP series firmwareUSG20(W)-VPN series firmwareUSG FLEX 50(W) series firmwareUSG FLEX series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35028
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-7.3||HIGH
EPSS-0.31% / 22.30%
||
7 Day CHG~0.00%
Published-29 Sep, 2021 | 10:35
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A command injection vulnerability in the CGI program of the Zyxel VPN2S firmware version 1.12 could allow an authenticated, local user to execute arbitrary OS commands.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-zywall_vpn2s_firmwarezywall_vpn2sZyWALL VPN2S Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-35032
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.21% / 11.61%
||
7 Day CHG~0.00%
Published-28 Dec, 2021 | 10:42
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow an authenticated local user to execute arbitrary OS commands via a crafted function call.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-gs1900-24hpv2_firmwaregs1900-10hpgs1900-24_firmwaregs1900-24e_firmwaregs1900-8gs1900-48hpgs1900-8hp_firmwaregs1900-48_firmwaregs1900-48hpv2_firmwaregs1900-48hpv2gs1900-24epgs1900-24ep_firmwaregs1900-24gs1900-8hpgs1900-24egs1900-24hpv2gs1900-8_firmwaregs1900-48gs1900-48hp_firmwaregs1900-16_firmwaregs1900-10hp_firmwaregs1900-16gs1900-24hp_firmwaregs1900-24hpGS1900 series firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-0711
Matching Score-6
Assigner-Zyxel Corporation
ShareView Details
Matching Score-6
Assigner-Zyxel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.91% / 55.52%
||
7 Day CHG~0.00%
Published-28 Apr, 2026 | 01:57
Updated-29 Apr, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with administrator privileges to execute OS commands on an affected device.

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-DX3300-T0 firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-10631
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.29% / 81.11%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 04:59
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Shell Metacharacter Injection in the package installer on Zyxel NAS 326 version 5.21 and below allows an authenticated attacker to execute arbitrary code via multiple different requests.

Action-Not Available
Vendor-n/aZyxel Networks Corporation
Product-nas326nas326_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-9054
Matching Score-6
Assigner-CERT/CC
ShareView Details
Matching Score-6
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-99.99% / 99.98%
||
7 Day CHG~0.00%
Published-04 Mar, 2020 | 19:30
Updated-10 Nov, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.
ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2

Action-Not Available
Vendor-Zyxel Networks Corporation
Product-vpn100_firmwareusg40w_firmwarevpn50usg60usg1100_firmwareusg60_firmwareatp200atp100usg40vpn50_firmwareusg310_firmwarenas326_firmwareatp500zywall1100usg2200zywall1100_firmwarezywall310usg40_firmwarenas326nas520vpn300atp800_firmwareusg60w_firmwareusg60wusg210zywall110_firmwareusg20w-vpn_firmwareusg20w-vpnnas540_firmwarevpn100atp100_firmwareatp800atp500_firmwareusg110_firmwareusg210_firmwarezywall310_firmwarenas520_firmwarezywall110nas542_firmwarevpn1000usg1900_firmwareusg310nas542vpn300_firmwareusg40wusg20-vpnusg2200_firmwareusg110usg1100atp200_firmwarevpn1000_firmwarenas540usg20-vpn_firmwareusg1900NSA325NSA220NAS520NSA320SNSA221NAS540NSA310NSA320NSA325v2NSA220+NSA210NAS326NAS542Multiple Network-Attached Storage (NAS) Devices
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-44149
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-64.35% / 99.13%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 00:00
Updated-09 Apr, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required

Action-Not Available
Vendor-nexxtsolutionsn/a
Product-amp300_firmwareamp300n/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-35576
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-42.29% / 98.53%
||
7 Day CHG~0.00%
Published-25 Jan, 2021 | 00:00
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr841ntl-wr841n_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43464
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-1.00% / 58.51%
||
7 Day CHG~0.00%
Published-07 Dec, 2022 | 00:00
Updated-23 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hidden functionality vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Action-Not Available
Vendor-unimoUNIMO Technology Co., Ltd
Product-udr-ja1616udr-ja1604udr-ja1608_firmwareudr-ja1604_firmwareudr-ja1616_firmwareudr-ja1608UDR-JA1604/UDR-JA1608/UDR-JA1616
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-2605
Matching Score-4
Assigner-Honeywell International Inc.
ShareView Details
Matching Score-4
Assigner-Honeywell International Inc.
CVSS Score-9.9||CRITICAL
EPSS-10.17% / 95.09%
||
7 Day CHG+0.76%
Published-02 May, 2025 | 12:39
Updated-17 May, 2025 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated command injection

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before V12.53 and MB-Secure PRO from V01.06 before V03.09.Honeywell also recommends updating to the most recent version of this product.

Action-Not Available
Vendor-Honeywell International Inc.
Product-mb-securemb-secure_pro_firmwaremb-secure_firmwaremb-secure_proMB-Secure
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-3332
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.1||HIGH
EPSS-3.18% / 86.50%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Command Shell Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary shell commands or scripts with root privileges on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv130_vpn_routerrv130_vpn_router_firmwarerv215w_wireless-n_vpn_routerrv110w_wireless-n_vpn_firewall_firmwarerv215w_wireless-n_vpn_router_firmwarerv130w_wireless-n_multifunction_vpn_routerrv110w_wireless-n_vpn_firewallrv130w_wireless-n_multifunction_vpn_router_firmwareCisco RV130W Wireless-N Multifunction VPN Router Firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25053
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.88% / 54.81%
||
7 Day CHG-0.01%
Published-09 Apr, 2025 | 09:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.

Action-Not Available
Vendor-Inaba Denki Sangyo Co., Ltd.
Product-AC-PD-WPS-11acAC-WPS-11ac-PAC-PD-WPS-11ac-PAC-WPSM-11acAC-WPSM-11ac-PAC-WPS-11ac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9207
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-8.8||HIGH
EPSS-0.39% / 31.11%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 01:19
Updated-27 May, 2026 | 14:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an unauthorized code execution vulnerability in Connect.

Tanium addressed an unauthorized code execution vulnerability in Connect.

Action-Not Available
Vendor-Tanium
Product-Connect
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9208
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
ShareView Details
Matching Score-4
Assigner-3938794e-25f5-4123-a1ba-5cbd7f104512
CVSS Score-8.8||HIGH
EPSS-0.42% / 33.85%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 20:59
Updated-02 Jun, 2026 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tanium addressed an unauthorized code execution vulnerability in Connect.

Tanium addressed an unauthorized code execution vulnerability in Connect.

Action-Not Available
Vendor-taniumTanium
Product-connectConnect
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-25039
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.7||MEDIUM
EPSS-0.62% / 45.50%
||
7 Day CHG+0.04%
Published-04 Feb, 2025 | 18:13
Updated-28 Mar, 2025 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-clearpass_policy_managerHPE Aruba Networking ClearPass Policy Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-44019
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.00% / 78.36%
||
7 Day CHG~0.00%
Published-29 Oct, 2022 | 00:00
Updated-07 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Total.js 4 before 0e5ace7, /api/common/ping can achieve remote command execution via shell metacharacters in the host parameter.

Action-Not Available
Vendor-totaljsn/a
Product-total.jsn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-24351
Matching Score-4
Assigner-Robert Bosch GmbH
ShareView Details
Matching Score-4
Assigner-Robert Bosch GmbH
CVSS Score-8.8||HIGH
EPSS-0.66% / 47.15%
||
7 Day CHG~0.00%
Published-30 Apr, 2025 | 11:47
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the “Remote Logging” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to execute arbitrary OS commands in the context of user “root” via a crafted HTTP request.

Action-Not Available
Vendor-Bosch Rexroth AG
Product-ctrlX OS - Device Admin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-16213
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.94% / 85.45%
||
7 Day CHG~0.00%
Published-25 Jun, 2020 | 19:19
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-pa6pa6_firmwaren/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8659
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-6||MEDIUM
EPSS-0.83% / 53.17%
||
7 Day CHG+0.10%
Published-25 Jun, 2026 | 00:07
Updated-29 Jun, 2026 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect SQLmap Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-insightconnect_sqlmaplinux_kernelInsightConnect SQLmap Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8663
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-6||MEDIUM
EPSS-0.83% / 53.17%
||
7 Day CHG+0.10%
Published-24 Jun, 2026 | 23:56
Updated-29 Jun, 2026 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect RPM Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-insightconnect_rpmlinux_kernelInsightConnect RPM Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-9155
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-8.8||HIGH
EPSS-0.92% / 55.81%
||
7 Day CHG+0.02%
Published-25 Jun, 2026 | 00:25
Updated-27 Jun, 2026 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.

OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLCGNU
Product-sedlinux_kernelInsightConnect Sed Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8664
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-6||MEDIUM
EPSS-0.83% / 53.17%
||
7 Day CHG+0.10%
Published-25 Jun, 2026 | 01:28
Updated-29 Jun, 2026 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Finger Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters due to insufficient input validation in shell command construction.

Action-Not Available
Vendor-Rapid7 LLC
Product-insightconnect_fingerInsightConnect Finger Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8658
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-6||MEDIUM
EPSS-0.83% / 53.17%
||
7 Day CHG+0.10%
Published-25 Jun, 2026 | 01:56
Updated-29 Jun, 2026 | 19:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction.

Action-Not Available
Vendor-Linux Kernel Organization, IncRapid7 LLC
Product-insightconnect_tcpdumplinux_kernelInsightConnect Tcpdump Plugin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2014-0163
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.99% / 78.23%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 15:33
Updated-06 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

Action-Not Available
Vendor-OpenshiftRed Hat, Inc.
Product-openshiftOpenshift
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2019-1614
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-4.03% / 89.36%
||
7 Day CHG-0.08%
Published-11 Mar, 2019 | 22:00
Updated-20 Nov, 2024 | 17:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software NX-API Command Injection Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The vulnerability is due to incorrect input validation of user-supplied data by the NX-API subsystem. An attacker could exploit this vulnerability by sending malicious HTTP or HTTPS packets to the management interface of an affected system that has the NX-API feature enabled. A successful exploit could allow the attacker to perform a command-injection attack and execute arbitrary commands with root privileges. Note: NX-API is disabled by default. MDS 9000 Series Multilayer Switches are affected running software versions prior to 8.1(1b) and 8.2(3). Nexus 3000 Series Switches are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 3500 Platform Switches are affected running software versions prior to 7.0(3)I7(4). Nexus 2000, 5500, 5600, and 6000 Series Switches are affected running software versions prior to 7.3(4)N1(1). Nexus 9000 Series Switches in Standalone NX-OS Mode are affected running software versions prior to 7.0(3)I4(9) and 7.0(3)I7(4). Nexus 7000 and 7700 Series Switches are affected running software versions prior to 7.3(3)D1(1) and 8.2(3).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-nexus_3500nexus_9000mds_9000nexus_5500nx-osnexus_3000nexus_6000nexus_7000nexus_2000nexus_5600nexus_7700MDS 9000 Series Multilayer SwitchesNexus 9000 Series Switches in Standalone NX-OS ModeNexus 7000 and 7700 Series SwitchesNexus 3500 Platform SwitchesNexus 2000, 5500, 5600, and 6000 Series SwitchesNexus 3000 Series Switches
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-6896
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.06% / 89.42%
||
7 Day CHG~0.00%
Published-30 Jun, 2025 | 07:02
Updated-14 Jul, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DI-7300G+ wget_test.asp os command injection

A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-di-7300g\+_firmwaredi-7300g\+DI-7300G+
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-7551
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-0.65% / 46.61%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 21:29
Updated-23 Jun, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HKUDS OpenHarness Remote Command Execution via /bridge Slash Command

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded to the bridge session manager and executed through the shared shell subprocess helper, allowing them to spawn shell sessions as the OpenHarness process user and access local files, credentials, workspace state, and repository contents.

Action-Not Available
Vendor-hkudsHKUDS
Product-openharnessOpenHarness
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-7609
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.12% / 89.57%
||
7 Day CHG~0.00%
Published-02 May, 2026 | 09:00
Updated-06 May, 2026 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TRENDnet TEW-821DAP Firmware Udpate diagnostic tools_diagnostic os command injection

A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-TRENDnet, Inc.
Product-tew-821dap_firmwaretew-821dapTEW-821DAP
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-43907
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-1.02% / 59.10%
||
7 Day CHG~0.00%
Published-27 Aug, 2023 | 22:38
Updated-01 Oct, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Security Guardium command execution

IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardiumSecurity Guardiumsecurity_guardium
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8112
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-2.94% / 85.44%
||
7 Day CHG~0.00%
Published-07 May, 2026 | 21:00
Updated-29 May, 2026 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
8421bit MiniClaw kernel.ts executeCognitivePulse os command injection

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The patch is named 028f62216dee9f64833d0f1cfda7c217067ceba8. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-8421bit8421bit
Product-miniclawMiniClaw
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8188
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-5.45% / 91.77%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 15:15
Updated-13 May, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi change_wifi_password os command injection

A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl_channel/wl_Pass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8189
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.81% / 90.88%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 16:15
Updated-13 May, 2026 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi wzdrepeater os command injection

A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Automode/sel_EncrypTyp results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8190
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-5.34% / 91.64%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 17:15
Updated-13 May, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi wan os command injection

A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway is directly passed by the attacker/so we can control the ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway causes os command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8191
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-5.34% / 91.64%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 18:15
Updated-13 May, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi wifi_region os command injection

A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8192
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.84% / 90.94%
||
7 Day CHG~0.00%
Published-09 May, 2026 | 18:30
Updated-13 May, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi wzdap os command injection

A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wl_Pass is directly passed by the attacker/so we can control the EncrypType/wl_Pass results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8227
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.94% / 91.10%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 03:45
Updated-13 May, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 adm.cgi wzdapMesh os command injection

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8228
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.81% / 90.88%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 04:00
Updated-13 May, 2026 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 wireless.cgi advance os command injection

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan_conf/Channel/skiplist/ieee_80211h leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8229
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.94% / 91.11%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 04:15
Updated-12 May, 2026 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 wireless.cgi WifiBasic os command injection

A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-8230
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-4.94% / 91.10%
||
7 Day CHG~0.00%
Published-10 May, 2026 | 04:30
Updated-12 May, 2026 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wavlink NU516U1 login.cgi sys_login1 os command injection

A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure.

Action-Not Available
Vendor-WAVLINK Technology Ltd.
Product-wl-nu516u1wl-nu516u1_firmwareNU516U1
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 22
  • 23
  • Next
Details not found