Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-9528

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-27 Aug, 2025 | 13:02
Updated At-27 Aug, 2025 | 13:26
Rejected At-
Credits

Linksys E1700 systemCommand os command injection

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:27 Aug, 2025 | 13:02
Updated At:27 Aug, 2025 | 13:26
Rejected At:
▼CVE Numbering Authority (CNA)
Linksys E1700 systemCommand os command injection

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Products
Vendor
Linksys Holdings, Inc.Linksys
Product
E1700
Versions
Affected
  • 1.0.0.4.003
Problem Types
TypeCWE IDDescription
CWECWE-78OS Command Injection
CWECWE-77Command Injection
Type: CWE
CWE ID: CWE-78
Description: OS Command Injection
Type: CWE
CWE ID: CWE-77
Description: Command Injection
Metrics
VersionBase scoreBase severityVector
4.05.1MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
3.14.7MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
3.04.7MEDIUM
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
2.05.8N/A
AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Version: 4.0
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 3.0
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Version: 2.0
Base score: 5.8
Base severity: N/A
Vector:
AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
Bond_yes (VulDB User)
Timeline
EventDate
Advisory disclosed2025-08-27 00:00:00
VulDB entry created2025-08-27 02:00:00
VulDB entry last update2025-08-27 09:37:05
Event: Advisory disclosed
Date: 2025-08-27 00:00:00
Event: VulDB entry created
Date: 2025-08-27 02:00:00
Event: VulDB entry last update
Date: 2025-08-27 09:37:05
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.321545
vdb-entry
technical-description
https://vuldb.com/?ctiid.321545
signature
permissions-required
https://vuldb.com/?submit.634827
third-party-advisory
https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md
related
https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md#poc
exploit
https://www.linksys.com/
product
Hyperlink: https://vuldb.com/?id.321545
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.321545
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.634827
Resource:
third-party-advisory
Hyperlink: https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md
Resource:
related
Hyperlink: https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md#poc
Resource:
exploit
Hyperlink: https://www.linksys.com/
Resource:
product
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:27 Aug, 2025 | 14:15
Updated At:27 Aug, 2025 | 14:15

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.1MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.14.7MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Secondary2.05.8MEDIUM
AV:N/AC:L/Au:M/C:P/I:P/A:P
Type: Secondary
Version: 4.0
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 2.0
Base score: 5.8
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:M/C:P/I:P/A:P
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-77Primarycna@vuldb.com
CWE-78Primarycna@vuldb.com
CWE ID: CWE-77
Type: Primary
Source: cna@vuldb.com
CWE ID: CWE-78
Type: Primary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.mdcna@vuldb.com
N/A
https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md#poccna@vuldb.com
N/A
https://vuldb.com/?ctiid.321545cna@vuldb.com
N/A
https://vuldb.com/?id.321545cna@vuldb.com
N/A
https://vuldb.com/?submit.634827cna@vuldb.com
N/A
https://www.linksys.com/cna@vuldb.com
N/A
Hyperlink: https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://github.com/wudipjq/my_vuln/blob/main/Linksys2/vuln_61/61.md#poc
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?ctiid.321545
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?id.321545
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?submit.634827
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://www.linksys.com/
Source: cna@vuldb.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

129Records found
CVE-2024-9076
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-4.03% / 88.02%
||
7 Day CHG~0.00%
Published-22 Sep, 2024 | 00:00
Updated-28 Nov, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DedeCMS article_string_mix.php os command injection

A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue affects some unknown processing of the file /dede/article_string_mix.php. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-n/aDedeCMS
Product-dedecmsDedeCMSdedecms
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-6269
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.92% / 75.02%
||
7 Day CHG~0.00%
Published-23 Jun, 2024 | 11:31
Updated-21 Aug, 2025 | 00:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC HTTP POST Request sxh_vpnlic.php get_ip.addr_details command injection

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument indevice leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269482 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uacrg-uac_firmwareRG-UACrg-uac
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-53692
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.10% / 28.01%
||
7 Day CHG~0.00%
Published-07 Mar, 2025 | 16:13
Updated-07 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later QuTS hero h5.2.3.3006 build 20250108 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-QTSQuTS hero
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5339
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.27% / 49.73%
||
7 Day CHG~0.00%
Published-25 May, 2024 | 16:31
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC online_check.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/vpn/autovpn/online_check.php. The manipulation of the argument peernode leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-53672
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-4.7||MEDIUM
EPSS-0.17% / 38.86%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 20:14
Updated-07 Apr, 2025 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

Action-Not Available
Vendor-Hewlett Packard Enterprise (HPE)Aruba Networks
Product-clearpass_policy_managerHPE Aruba Networking ClearPass Policy Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-5338
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.27% / 49.73%
||
7 Day CHG~0.00%
Published-25 May, 2024 | 15:31
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC online.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been classified as critical. Affected is an unknown function of the file /view/vpn/autovpn/online.php. The manipulation of the argument peernode leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266244. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5337
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.09% / 27.03%
||
7 Day CHG~0.00%
Published-25 May, 2024 | 15:00
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC user_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical. This issue affects some unknown processing of the file /view/systemConfig/sys_user/user_commit.php. The manipulation of the argument email2/user_name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266243. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5340
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.42% / 60.91%
||
7 Day CHG~0.00%
Published-25 May, 2024 | 21:31
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC sub_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266246 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-isg02rg-uac_6000-x100s_firmwarerg-uac_6000-ea_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-e20_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e20crg-uac_6000-x300drg-uac_6000-x20rg-uac_6000-e10_firmwarerg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e10rg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5195
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.12% / 31.23%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 11:00
Updated-01 Aug, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arris VAP2500 diag_s.php command injection

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265832.

Action-Not Available
Vendor-Arris
Product-VAP2500
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-5241
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.56% / 67.35%
||
7 Day CHG~0.00%
Published-23 May, 2024 | 07:00
Updated-01 Aug, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfig_new.php. The manipulation of the argument dev leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265992.

Action-Not Available
Vendor-Huashihuashi
Product-Private Cloud CDN Live Streaming Acceleration Serverprivate_cloud_cdn_live_streaming_acceleration_server
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4510
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.32% / 54.71%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 00:31
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC arp_add_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/networkConfig/ArpTable/arp_add_commit.php. The manipulation of the argument text_ip_addr/text_mac_addr leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263114 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACru-uac_firmware
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4508
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.36% / 57.15%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 00:00
Updated-21 Aug, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC static_route_edit_ipv6.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been classified as critical. Affected is an unknown function of the file /view/IPV6/ipv6StaticRoute/static_route_edit_ipv6.php. The manipulation of the argument oldipmask/oldgateway/olddevname leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263112. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4507
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.20% / 41.80%
||
7 Day CHG+0.05%
Published-05 May, 2024 | 23:31
Updated-21 Aug, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC static_route_add_ipv6.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240428 and classified as critical. This issue affects some unknown processing of the file /view/IPV6/ipv6StaticRoute/static_route_add_ipv6.php. The manipulation of the argument text_prefixlen/text_gateway/devname leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263111. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4501
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.33% / 55.57%
||
7 Day CHG~0.00%
Published-05 May, 2024 | 19:31
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. This issue affects some unknown processing of the file /view/bugSolve/captureData/commit.php. The manipulation of the argument tcpDump leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263105 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4504
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.31% / 53.37%
||
7 Day CHG~0.00%
Published-05 May, 2024 | 22:31
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC commit.php os command injection

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240428. Affected by this issue is some unknown functionality of the file /view/HAconfig/baseConfig/commit.php. The manipulation of the argument peer_ip/local_ip leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263108. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4503
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.33% / 55.57%
||
7 Day CHG~0.00%
Published-05 May, 2024 | 22:00
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC dhcp_relay_commit.php os command injection

A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. The manipulation of the argument interface_from leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263107. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4506
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.20% / 42.33%
||
7 Day CHG+0.05%
Published-05 May, 2024 | 23:00
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC ip_addr_edit_commit.php os command injection

A vulnerability has been found in Ruijie RG-UAC up to 20240428 and classified as critical. This vulnerability affects unknown code of the file /view/IPV6/ipv6Addr/ip_addr_edit_commit.php. The manipulation of the argument text_ip_addr/orgprelen/orgname leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263110 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4505
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.33% / 55.57%
||
7 Day CHG~0.00%
Published-05 May, 2024 | 22:31
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC ip_addr_add_commit.php os command injection

A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240428. This affects an unknown part of the file /view/IPV6/ipv6Addr/ip_addr_add_commit.php. The manipulation of the argument prelen/ethname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263109 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4255
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.19% / 40.61%
||
7 Day CHG~0.00%
Published-27 Apr, 2024 | 14:31
Updated-21 Aug, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC gre_edit_commit.php os command injection

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. The manipulation of the argument name leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-262145 was assigned to this vulnerability.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5336
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.09% / 27.03%
||
7 Day CHG~0.00%
Published-25 May, 2024 | 14:31
Updated-21 Aug, 2025 | 18:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC vlan_add_commit.php addVlan os command injection

A vulnerability has been found in Ruijie RG-UAC up to 20240516 and classified as critical. This vulnerability affects the function addVlan of the file /view/networkConfig/vlan/vlan_add_commit.php. The manipulation of the argument phyport leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-266242 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UAC
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-5196
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.20% / 42.39%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 12:00
Updated-01 Aug, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arris VAP2500 tools_command.php command injection

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265833 was assigned to this vulnerability.

Action-Not Available
Vendor-Arrisarris
Product-VAP2500vap2500_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-5194
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.1||MEDIUM
EPSS-0.76% / 72.41%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 11:00
Updated-01 Aug, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arris VAP2500 assoc_table.php command injection

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265831.

Action-Not Available
Vendor-Arrisarris
Product-VAP2500vap2500_firmware
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-4509
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.32% / 54.71%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 00:31
Updated-21 Aug, 2025 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC add_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/IPV6/naborTable/add_commit.php. The manipulation of the argument ip_addr/mac_addr leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263113 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg_uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-4502
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.7||MEDIUM
EPSS-0.31% / 53.37%
||
7 Day CHG~0.00%
Published-05 May, 2024 | 22:00
Updated-21 Aug, 2025 | 18:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruijie RG-UAC dhcp_client_commit.php os command injection

A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240428. Affected is an unknown function of the file /view/dhcp/dhcpClient/dhcp_client_commit.php. The manipulation of the argument ifName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263106 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Ruijie Networks Co., Ltd.
Product-rg-uac_6000-x100_firmwarerg-uac_6000-e50mrg-uac_6000-sirg-uac_6000-ei_firmwarerg-uac_6000-isg02_firmwarerg-uac_6000-e10crg-uac_6000-x300d_firmwarerg-uac_6000-e50_firmwarerg-uac_6000-x20m_firmwarerg-uac_6000-e10rg-uac_6000-isg40rg-uac_6000-cc_firmwarerg-uac_6000-x20mrg-uac_6000-xs_firmwarerg-uac_6000-isg10rg-uac_6000-xsrg-uac_6000-earg-uac_6000-e50rg-uac_6000-x100srg-uac_6000-x60rg-uac_6000-u3210_firmwarerg-uac_6000-x60_firmwarerg-uac_6000-isg40_firmwarerg-uac_6000-e10c_firmwarerg-uac_6000-isg02rg-uac_6000-ea_firmwarerg-uac_6000-x100s_firmwarerg-uac_6000-u3210rg-uac_6000-x200rg-uac_6000-isg200rg-uac_6000-e50c_firmwarerg-uac_6000-e50crg-uac_6000-x20me_firmwarerg-uac_6000-e50m_firmwarerg-uac_6000-si_firmwarerg-uac_6000-u3100rg-uac_6000-e20mrg-uac_6000-u3100_firmwarerg-uac_6000-x20merg-uac_6000-e20m_firmwarerg-uac_6000-isg200_firmwarerg-uac_6000-x200_firmwarerg-uac_6000-e20rg-uac_6000-x100rg-uac_6000-e10_firmwarerg-uac_6000-e20crg-uac_6000-x20rg-uac_6000-x300drg-uac_6000-isg10_firmwarerg-uac_6000-x20_firmwarerg-uac_6000-ccrg-uac_6000-e20_firmwarerg-uac_6000-e20c_firmwarerg-uac_6000-eiRG-UACrg-uac
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1548
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 72.01%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:45
Updated-08 Nov, 2024 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wap131wap351_firmwarewap351wap125_firmwarewap581wap125wap361wap581_firmwarewap131_firmwarewap150wap150_firmwarewap361_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-1550
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 72.01%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:40
Updated-08 Nov, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wap131wap351_firmwarewap351wap125_firmwarewap581wap125wap361wap581_firmwarewap131_firmwarewap150wap150_firmwarewap361_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-1549
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 72.01%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:45
Updated-08 Nov, 2024 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wap131wap351_firmwarewap351wap125_firmwarewap581wap125wap361wap581_firmwarewap131_firmwarewap150wap150_firmwarewap361_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-1552
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 72.01%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:40
Updated-08 Nov, 2024 | 23:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wap131wap351_firmwarewap351wap125_firmwarewap581wap125wap361wap581_firmwarewap131_firmwarewap150wap150_firmwarewap361_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-1554
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 72.01%
||
7 Day CHG~0.00%
Published-22 May, 2021 | 06:40
Updated-08 Nov, 2024 | 23:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected device. These vulnerabilities are due to improper validation of user-supplied input. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit these vulnerabilities, the attacker must have valid administrative credentials for the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wap131wap351_firmwarewap351wap125_firmwarewap581wap125wap361wap581_firmwarewap131_firmwarewap150wap150_firmwarewap361_firmwareCisco Business Wireless Access Point Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found