A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pTxPower3/e2pTxPower4/e2pTxPower5/e2pTxPower6/e2pTxPower7/e2pTx2Power1/e2pTx2Power2/e2pTx2Power3/e2pTx2Power4/e2pTx2Power5/e2pTx2Power6/e2pTx2Power7/ateTxFreqOffset/ateMode/ateBW/ateAntenna/e2pTxFreqOffset/e2pTxPwDeltaB/e2pTxPwDeltaG/e2pTxPwDeltaMix/e2pTxPwDeltaN/readE2P can lead to command injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv_ssid results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/comd/initgain/txcck/txofdm leads to command injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max_Conn/timeOut leads to command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web-based Configuration Interface. The manipulation of the argument rootAPmac leads to command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub_44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC.
An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacters to achieve arbitrary command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC.
A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function set_mesh_disconnect of the file /send_order.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in Sangfor Operation and Maintenance Security Management System 3.0. Impacted is an unknown function of the file /fort/portal_login of the component Frontend. This manipulation of the argument loginUrl causes command injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.0.11 and 3.0.12 is recommended to address this issue. It is advisable to upgrade the affected component.
A security vulnerability has been detected in D-Link DWR-M920, DWR-M921, DIR-822K and DIR-825M 1.1.5. Impacted is the function system of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/set_device_name. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. Affected is the function sub_4016F0 of the file /cgi-bin/firewall.cgi. The manipulation of the argument del_flag results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in D-Link DIR-823X 250416. The impacted element is the function uci_del of the file /goform/delete_prohibiting. This manipulation of the argument delvalue causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
A weakness has been identified in Wavlink NU516U1. Affected by this vulnerability is the function sub_401B30 of the file /cgi-bin/firewall.cgi. This manipulation of the argument remoteManagementEnabled causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was determined in Belkin F9K1015 1.00.10. Impacted is an unknown function of the file /goform/formSetWanStatic. Executing a manipulation of the argument m_wan_ipaddr can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
A vulnerability was found in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_wifi_blacklists. The manipulation of the argument macList results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
A vulnerability was found in Intelbras TIP 635G 1.12.3.5. This vulnerability affects unknown code of the component Ping Handler. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne of the file app/common/common.php. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used.
A flaw has been found in Wavlink NU516U1 M16U1_V240425. Impacted is the function sub_403010 of the file /cgi-bin/wireless.cgi of the component AddMac Page. This manipulation of the argument macAddr causes command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This impacts the function sub_403198 of the file /cgi-bin/wireless.cgi of the component SetName Page. The manipulation of the argument mac_5g leads to command injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uci_set of the file /goform/set_wifi_blacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: "We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened."
A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function ssdpcgi_main of the file htodcs/cgibin of the component Simple Service Discovery Protocol Service. Executing manipulation of the argument ST can lead to command injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler. Such manipulation of the argument regionId leads to command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.