Total
3060 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-3920 | 1 Nokia | 2 I-240w-q Gpon Ont, I-240w-q Gpon Ont Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/.
|
|||||
| CVE-2019-3919 | 1 Nokia | 2 I-240w-q Gpon Ont, I-240w-q Gpon Ont Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/.
|
|||||
| CVE-2019-3913 | 1 Labkey | 1 Labkey Server | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service.
|
|||||
| CVE-2019-3421 | 1 Ztw | 2 Zx297520v3, Zx297520v3 Firmware | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
|
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system.
|
|||||
| CVE-2019-25029 | 1 Versa-networks | 1 Versa Director | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due ...
Show More |
|||||
| CVE-2019-20761 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
NETGEAR R7800 devices before 1.0.2.62 are affected by command injection by an authenticated user.
|
|||||
| CVE-2019-20757 | 1 Netgear | 2 R7800, R7800 Firmware | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
NETGEAR R7800 devices before 1.0.2.62 are affected by command injection by an authenticated user.
|
|||||
| CVE-2019-20745 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 5.0.10.2 and WAC510 before 5.0.10.2.
|
|||||
| CVE-2019-20732 | 1 Netgear | 66 D6220, D6220 Firmware, D7000 and 63 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.40, D7000v2 before 1.0.0.74, D8500 before 1.0.3.39, DGN2200v4 before 1.0.0.102, DGND2200Bv4 before 1.0.0.102, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.22, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.20, R6300v2 before 1.0.4.24, R6400 be ...
Show More |
|||||
| CVE-2019-20727 | 1 Netgear | 18 D6100, D6100 Firmware, R7800 and 15 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20726 | 1 Netgear | 22 D3600, D3600 Firmware, D6000 and 19 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20724 | 1 Netgear | 38 D3600, D3600 Firmware, D6000 and 35 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, D7800 before 1.0.1.44, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, ...
Show More |
|||||
| CVE-2019-20722 | 1 Netgear | 34 D7800, D7800 Firmware, Dm200 and 31 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.44, DM200 before 1.0.0.58, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBS40 before 2.3.0.28, WNDR4300v2 before 1.0.0.58, WNDR4500v3 before 1.0.0.58, WNR2000v5 before 1.0.0.68, and XR500 before 2.3. ...
Show More |
|||||
| CVE-2019-20718 | 1 Netgear | 28 D6220, D6220 Firmware, D6400 and 25 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D8500 before 1.0.3.43, R6250 before 1.0.4.34, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R7100LG before 1.0.0.48, R7300DST before 1.0.0.68, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
|
|||||
| CVE-2019-20711 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20710 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20709 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20708 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20707 | 1 Netgear | 4 R7800, R7800 Firmware, Xr500 and 1 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20706 | 1 Netgear | 4 R7800, R7800 Firmware, Xr500 and 1 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7800 before 1.0.2.60 and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20705 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20704 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20703 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20702 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20701 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.
|
|||||
| CVE-2019-20689 | 1 Netgear | 40 D6000, D6000 Firmware, D6100 and 37 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6000 before 1.0.0.75, D6100 before 1.0.0.63, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3100RPv2 before 1.0.0.60, WNDR3700v4 before 1.0.2.102, ...
Show More |
|||||
| CVE-2019-20688 | 1 Netgear | 42 D3600, D3600 Firmware, D6000 and 39 more | 2024-11-21 | 5.2 MEDIUM | 6.8 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.72, EX6400 before 1.0.2.136, EX7300 before 1.0.2.136, EX8000 before 1.0.1.180, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WN2000RPTv3 before 1.0.1.32, WN3000RPv2 before 1.0.0.68, WN3100RPv2 before 1.0.0.60, WNDR3 ...
Show More |
|||||
| CVE-2019-20680 | 1 Netgear | 38 D7000, D7000 Firmware, R6220 and 35 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000v2 before 1.0.0.53, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.46, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R850 ...
Show More |
|||||
| CVE-2019-20659 | 1 Netgear | 8 R6400, R6400 Firmware, R6700 and 5 more | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10.
|
|||||
| CVE-2019-20655 | 1 Netgear | 4 Xr500, Xr500 Firmware, Xr700 and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20.
|
|||||
| CVE-2019-20651 | 1 Netgear | 4 Wac505, Wac505 Firmware, Wac510 and 1 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 8.2.1.16 and WAC510 before 8.2.1.16.
|
|||||
| CVE-2019-1923 | 1 Cisco | 20 Spa500ds, Spa500ds Firmware, Spa500s and 17 more | 2024-11-21 | 4.6 MEDIUM | 6.6 MEDIUM |
|
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a password, and then accessing the device's physical interface and inserting a USB storage device. A successful exploit could allow the attacker to e ...
Show More |
|||||
| CVE-2019-1893 | 1 Cisco | 1 Enterprise Nfv Infrastructure Software | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validation of a configuration file that is accessible to a local shell user. An attacker could exploit this vulnerability by including malicious input during the execution of this file. A successful exploit could allow the attacker to ...
Show More |
|||||
| CVE-2019-1795 | 1 Cisco | 144 7000 10-slot, 7000 18-slot, 7000 4-slot and 141 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the at ...
Show More |
|||||
| CVE-2019-1791 | 1 Cisco | 129 7000 10-slot, 7000 18-slot, 7000 4-slot and 126 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to ...
Show More |
|||||
| CVE-2019-1790 | 1 Cisco | 134 7000 10-slot, 7000 18-slot, 7000 4-slot and 131 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary c ...
Show More |
|||||
| CVE-2019-1784 | 1 Cisco | 19 7000, 7700, Nexus 5548p and 16 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitr ...
Show More |
|||||
| CVE-2019-1783 | 1 Cisco | 14 Nexus 5548p, Nexus 5548up, Nexus 5596t and 11 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow ...
Show More |
|||||
| CVE-2019-1782 | 1 Cisco | 97 Firepower 4110, Firepower 4120, Firepower 4140 and 94 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on t ...
Show More |
|||||
| CVE-2019-1781 | 1 Cisco | 97 Firepower 4110, Firepower 4120, Firepower 4140 and 94 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on t ...
Show More |
|||||