Total: 1397 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-26189 | 1 Totolink | 2 N600r, N600r Firmware | 2022-03-29 | 7.5 HIGH | 9.8 CRITICAL |
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface. | |||||
CVE-2022-26188 | 1 Totolink | 2 N600r, N600r Firmware | 2022-03-29 | 7.5 HIGH | 9.8 CRITICAL |
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost. | |||||
CVE-2022-26187 | 1 Totolink | 2 N600r, N600r Firmware | 2022-03-29 | 7.5 HIGH | 9.8 CRITICAL |
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function. | |||||
CVE-2022-26186 | 1 Totolink | 2 N600r, N600r Firmware | 2022-03-29 | 7.5 HIGH | 9.8 CRITICAL |
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi. | |||||
CVE-2022-26265 | 1 Contao | 1 Contao | 2022-03-28 | 7.5 HIGH | 9.8 CRITICAL |
Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. | |||||
CVE-2022-25766 | 1 Ungit Project | 1 Ungit | 2022-03-28 | 6.5 MEDIUM | 8.8 HIGH |
The package ungit before 1.5.20 is vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User-controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possible to get arbitrary command execution. | |||||
CVE-2022-24237 | 1 Snapt | 1 Aria | 2022-03-28 | 6.5 MEDIUM | 8.8 HIGH |
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands. | |||||
CVE-2021-45876 | 1 Garo | 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more | 2022-03-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to command injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware. | |||||
CVE-2021-38173 | 3 Debian, Digint, Fedoraproject | 3 Debian Linux, Btrbk, Fedora | 2022-03-25 | 7.5 HIGH | 9.8 CRITICAL |
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys. | |||||
CVE-2022-25439 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. | |||||
CVE-2022-25429 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. | |||||
CVE-2022-25437 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | |||||
CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. | |||||
CVE-2022-25435 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. | |||||
CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | |||||
CVE-2022-25440 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | |||||
CVE-2022-25428 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. | |||||
CVE-2022-25427 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. | |||||
CVE-2022-25434 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function. | |||||
CVE-2022-25433 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-03-24 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function. |