Total
2086 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-46421 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_411D00 function. | ||||
| CVE-2023-46420 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41590C function. | ||||
| CVE-2023-46419 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415730 function. | ||||
| CVE-2023-46418 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_412688 function. | ||||
| CVE-2023-46417 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_415498 function. | ||||
| CVE-2023-46416 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ The 41A414 function. | ||||
| CVE-2023-46415 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_41E588 function. | ||||
| CVE-2023-46414 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a remote command execution (RCE) vulnerability via the sub_ 41D494 function. | ||||
| CVE-2023-46411 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_415258 function. | ||||
| CVE-2023-46412 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_41D998 function. | ||||
| CVE-2024-44844 | 1 Draytek | 2 Vigor3900, Vigor3900 Firmware | 2024-09-11 | 8 High |
| DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function. | ||||
| CVE-2024-44845 | 1 Draytek | 2 Vigor3900, Vigor3900 Firmware | 2024-09-11 | 8 High |
| DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function. | ||||
| CVE-2023-46413 | 1 Totolink | 2 X6000r, X6000r Firmware | 2024-09-11 | 9.8 Critical |
| TOTOLINK X6000R v9.4.0cu.652_B20230116 was discovered to contain a command execution vulnerability via the sub_4155DC function. | ||||
| CVE-2024-7436 | 2 D-link, Dlink | 3 Di-8100, Di-8100, Di-8100 Firmware | 2024-09-11 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function msp_info_htm of the file msp_info.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273521 was assigned to this vulnerability. | ||||
| CVE-2024-21903 | 1 Qnap | 2 Qts, Quts Hero | 2024-09-11 | 6.6 Medium |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later | ||||
| CVE-2024-22651 | 1 Dlink | 2 Dir-815, Dir-815 Firmware | 2024-09-10 | 9.8 Critical |
| There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04. | ||||
| CVE-2024-44410 | 2 D-link, Dlink | 3 Di-8300, Di-8300, Di-8300 Firmware | 2024-09-10 | 9.8 Critical |
| D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. | ||||
| CVE-2024-44402 | 2 D-link, Dlink | 3 Di-8100g, Di-8100g, Di-8100g Firmware | 2024-09-10 | 9.8 Critical |
| D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. | ||||
| CVE-2024-42348 | 1 Fogproject | 1 Fogproject | 2024-09-10 | 9.3 Critical |
| FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395. | ||||
| CVE-2024-42427 | 1 Dell | 1 Wyse Proprietary Os | 2024-09-10 | 7.6 High |
| Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||