Team IT Security (TSEC) Nachrichtenportal Logo

🕵️ CVE-2025-3543 | H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 up to V100R014 HTTP POST Request setsyncpppoecfg FCGI_WizardProtoProcess command injection


Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com

A vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014 and classified as critical. This vulnerability affects the function FCGI_WizardProtoProcess of the file /api/wizard/setsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command injection. This vulnerability was named CVE-2025-3543. Access to the local network is required for this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component. ...

Sharing is caring on Social Media

Reddit
Telegram
LinkedIn
Xing
Twitter
Whatsapp
Facebook
Flipboard

🕵️ CVE-2024-42637 | H3C R3010 100R002L02 /etc/shadow hard-coded password


📈 49.24 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-36509 | H3C H3C GR3200 100R014 DelL2tpLNSList param command injection


📈 43.17 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-6901 | codelyfe Stupid Simple CMS up to 1.2.3 HTTP POST Request handle-command.php command os command injection


📈 34.04 Punkte
🕵️ Sicherheitslücken

📰 NX210, NX300, NX400 & NX1000: Antec spielt weiter mit LEDs und Lufteinlässen


📈 30.53 Punkte
📰 IT Nachrichten

🕵️ CVE-2024-57473 | H3C N12 V100R005 POST Request /bin/webs buffer overflow


📈 29.13 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-57479 | H3C N12 V100R005 POST Request /bin/webs buffer overflow


📈 29.13 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-30311 | H3C Magic R100/Magic R365 TCP denial of service


📈 28.58 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-37070 | H3C GR-1200W 100R006 DelL2tpLNSList param command injection


📈 26.3 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-36510 | H3C GR2200 100R014 DelL2tpLNSList param command injection


📈 26.3 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-29013 | Razer Sila Gaming Router 2.0.441_api-2.0.418 POST Request command command injection (ID 166684 / EDB-50865)


📈 26 Punkte
🕵️ Sicherheitslücken

🔧 JavaScript Post Request – How to Send an HTTP Post Request in JS


📈 25.38 Punkte
🔧 Programmierung

🕵️ CVE-2024-0530 | CXBSoft Post-Office up to 1.0 HTTP POST Request /apps/reg_go.php username_reg sql injection


📈 24.9 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-0529 | CXBSoft Post-Office up to 1.0 HTTP POST Request /apps/login_auth.php username_login sql injection


📈 24.9 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-0528 | CXBSoft Post-Office 1.0 HTTP POST Request update_go.php version sql injection


📈 24.9 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2015-6484 | 3S-Smart CODESYS Gateway Server up to 2.3.9.47 HTTP Request GET Request/POST Request null pointer dereference (ID 124160 / SBV-54398)


📈 24.3 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2021-46850 | myVesta/Vesta Control Panel HTTP POST Request /edit/server v_sftp_license command injection (EDB-49674)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-7116 | WeiYe-Jing datax-web 2.1.2 HTTP POST Request /api/log/killJob processId os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-49254 | Hongdian H8951-4G-ESP prior 2310271149 HTTP POST Request destination os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-2909 | Ruijie RG-EG350 up to 20240318 HTTP POST Request networksafe.php setAction bandwidth os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-2910 | Ruijie RG-EG350 up to 20240318 HTTP POST Request vpn_quickset_service.php vpnAction ip/port/user/pass/dns/startIp os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-29972 | Zyxel NAS326/NAS542 prior 5.21 HTTP POST Request remote_help-cgi os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-29973 | Zyxel NAS326/NAS542 prior 5.21 HTTP POST Request setCookie os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-6269 | Ruijie RG-UAC 1.0 HTTP POST Request sxh_vpnlic.php get_ip.addr_details indevice command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-7066 | F-logic DataCube3 1.0 HTTP POST Request config_time_sync.php ntp_server os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-7158 | TOTOLINK A3100R 4.1.2cu.5050_B20200504 HTTP POST Request /cgi-bin/cstecgi.cgi setTelnetCfg telnet_enabled command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8127 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/webfile_mgr.cgi cgi_unzip path command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8128 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/webfile_mgr.cgi cgi_add_zip path command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8129 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/s3.cgi cgi_s3_modify f_job_name command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8130 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/s3.cgi cgi_s3 f_a_key command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8132 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/webdav_mgr.cgi webdav_mgr f_path command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8131 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/apkg_mgr.cgi module_enable_disable f_module_name command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8133 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/hd_config.cgi cgi_FMT_R5_SpareDsk_DiskMGR f_source_dev command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-8134 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/hd_config.cgi cgi_FMT_Std2R5_1st_DiskMGR f_source_dev command injection (SAP10383)


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-49959 | Indo-Sol PROFINET-INspektor NT up to 2.4.0 HTTP POST Request start_update filename command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2024-6342 | Zyxel NAS326/NAS542 up to 5.21 HTTP POST Request os command injection


📈 23.5 Punkte
🕵️ Sicherheitslücken