Total
6105 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30818 | 1 Tp-link | 3 Archer Ax53, Archer Ax53 Firmware, Ax53 V1 | 2026-05-07 | 8.0 High |
| An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker to modify device configuration, access sensitive information, or further compromise system integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213. | ||||
| CVE-2026-30815 | 1 Tp-link | 3 Archer Ax53, Archer Ax53 Firmware, Ax53 V1 | 2026-05-07 | 8.0 High |
| An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213. | ||||
| CVE-2026-7609 | 1 Trendnet | 2 Tew-821dap, Tew-821dap Firmware | 2026-05-06 | 6.3 Medium |
| A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-7608 | 1 Trendnet | 2 Tew-821dap, Tew-821dap Firmware | 2026-05-06 | 5.5 Medium |
| A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools_diagnostic. The manipulation results in os command injection. The exploit is now public and may be used. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-41036 | 2 Qntmnet, Quantum Networks | 3 Qn-i-470, Qn-i-470 Firmware, Router Qn-i-470 | 2026-05-06 | 8.8 High |
| This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this vulnerability could allow the attacker to perform remote code execution with root privileges on the targeted device. | ||||
| CVE-2025-15568 | 1 Tp-link | 2 Archer Axe75, Archer Axe75 Firmware | 2026-05-06 | 8.0 High |
| A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device. This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107. | ||||
| CVE-2026-41926 | 1 Shenzhen Yuner Yipu | 1 Wifi Extender Wdr201a | 2026-05-06 | N/A |
| WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the firewall.cgi binary across five request handlers that apply insufficient input validation. Attackers can inject arbitrary shell commands through vulnerable parameters like websURLFilter, websHostFilter, portForward, singlePortForward, and ipportFilter using subshell syntax or unfiltered parameters, with payloads persisting in NVRAM and re-executing on every subsequent firewall.cgi request. | ||||
| CVE-2026-41923 | 1 Shenzhen Yuner Yipu | 1 Wifi Extender Wdr201a | 2026-05-06 | N/A |
| WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit unsanitized parameter concatenation in the set_add_routing function to inject shell commands that are executed via popen() with partial output reflected in the HTTP response. | ||||
| CVE-2026-41924 | 1 Shenzhen Yuner Yipu | 1 Wifi Extender Wdr201a | 2026-05-06 | N/A |
| WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the set_time or StartSniffer functions. Attackers can craft a POST request with specially crafted ampersand-delimited parameters to bypass input sanitization and execute commands with a maximum length of 31 bytes through the date command or channel parameter processing. | ||||
| CVE-2026-41925 | 1 Shenzhen Yuner Yipu | 1 Wifi Extender Wdr201a | 2026-05-06 | N/A |
| WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the adm.cgi binary's reboot_time function that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the reboot_time POST parameter. Attackers can send a crafted request with shell metacharacters in the reboot_time parameter when reboot_enabled=1 to achieve remote code execution. | ||||
| CVE-2026-7785 | 1 A-g-u-p-t-a | 1 Wireshark-mcp | 2026-05-06 | 7.3 High |
| A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-71284 | 1 Synway | 1 Smg Gateway Management Software | 2026-05-05 | 9.8 Critical |
| Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can inject arbitrary shell commands by submitting a POST request with crafted radius_address, radius_address2, shared_secret2, source_ip, timeout, or retry parameters along with save=1 and enable_radius=1 to achieve remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-07-11 (UTC). | ||||
| CVE-2026-42076 | 1 Evomap | 1 Evolver | 2026-05-05 | 9.8 Critical |
| Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the _extractLLM() function allows attackers to execute arbitrary shell commands on the server. The function constructs a curl command using string concatenation and passes it to execSync() without proper sanitization, enabling remote code execution when the corpus parameter contains shell metacharacters. This issue has been patched in version 1.69.3. | ||||
| CVE-2026-7823 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-05-05 | 9.8 Critical |
| A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-7461 | 2 Amazon, Aws | 2 Amazon Ecs Container Agent, Amazon Ecs Agent | 2026-05-05 | 7.2 High |
| Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a specially crafted username field in an ECS task definition. This issue requires permissions to register ECS task definitions or write to the Secrets Manager or SSM Parameter Store credentials used by the FSx volume configuration. To remediate this issue, users should upgrade to version 1.103.0. | ||||
| CVE-2026-7642 | 1 Pskill9 | 1 Website-downloader | 2026-05-05 | 6.3 Medium |
| A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputPath results in os command injection. The attack may be initiated remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-42994 | 1 Bitwarden | 2 Bitwarden, Cli | 2026-05-04 | 9.8 Critical |
| Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident. | ||||
| CVE-2025-13605 | 1 3onedata | 1 Gw1101-1d(rs-485)-tb-p | 2026-05-04 | N/A |
| 3onedata modbus gateway device model GW1101-1D(RS-485)-TB-P (hardware version V2.2.0) allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware version 3.0.59B2024080600R4353 | ||||
| CVE-2026-43003 | 1 Openstack | 2 Ironic-python-agent, Ironic Python Agent | 2026-05-04 | 8 High |
| An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image. | ||||
| CVE-2026-7551 | 1 Hkuds | 1 Openharness | 2026-05-04 | 8.8 High |
| HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded to the bridge session manager and executed through the shared shell subprocess helper, allowing them to spawn shell sessions as the OpenHarness process user and access local files, credentials, workspace state, and repository contents. | ||||