Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2024-57235
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
CVSS Score
9.8
EPSS Score
0.013
Published
2025-05-05
CVE-2024-57229
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
CVSS Score
9.8
EPSS Score
0.013
Published
2025-05-05
CVE-2024-57230
NETGEAR RAX5 (AX1600 WiFi Router) V1.0.2.26 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.
CVSS Score
9.8
EPSS Score
0.013
Published
2025-05-05
CVE-2025-45042
Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.
CVSS Score
9.8
EPSS Score
0.009
Published
2025-05-05
CVE-2025-45320
A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-05-05
CVE-2025-45321
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-45322
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-45751
SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add-admin.php via the Fullname text field.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-05-05
CVE-2025-4270
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi of the component Config Handler. The manipulation of the argument topicurl with the input getInitCfg/getSysStatusCfg leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-05-05
CVE-2025-4271
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-05-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved