Command Injection Archives • Page 5 of 6 • Daily CyberSecurity

CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover Seiko Solutions, command injection

CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover

Do Son September 1, 2025

A critical security flaw has been discovered in SkyBridge BASIC MB-A130, a networking device developed by Seiko...

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch! D-Link, command injection

PoC Published: Critical Unauthenticated Command Injection Flaw in D-Link Routers (CVSS 9.8), No Patch!

Do Son August 29, 2025

D-Link has issued a Security Announcement regarding multiple critical vulnerabilities discovered in its legacy DIR-series routers. These...

PoC Available: D-Link Router Flaw with CVSS 9.8 and No Patch D-Link EOL RCE, Unauthenticated Command Injection D-Link Command Injection CVE-2025-57105

D-Link EOL RCE, Unauthenticated Command Injection D-Link Command Injection CVE-2025-57105

PoC Available: D-Link Router Flaw with CVSS 9.8 and No Patch

Do Son August 27, 2025

D-Link has issued an important security bulletin concerning its legacy DI-7400G+ router series, warning users of a...

FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild FortiSIEM, Command Injection CVE-2025-25256

FortiSIEM, Command Injection CVE-2025-25256

FortiSIEM CVE-2025-25256 (CVSS 9.8): Remote Unauthenticated Command Injection with Exploit in the Wild

Do Son August 13, 2025

Fortinet has issued an urgent security advisory for a critical remote unauthenticated command injection vulnerability affecting multiple...

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover EG4 Electronics, CISA Alert

CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover

Do Son August 9, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation warning about multiple high-severity...

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Critical Flaw (CVSS 9.8) in Ubiquiti UniFi Connect EV Stations Allows Remote Code Execution

Do Son August 7, 2025

Ubiquiti has issued a comprehensive security advisory addressing multiple vulnerabilities in its UniFi Connect product line, affecting...

Critical Flaw (CVE-2025-22470, CVSS 9.8) in SATO Industrial Label Printers Allow Remote Root Takeover SATO Printers, Industrial Vulnerabilities

Critical Flaw (CVE-2025-22470, CVSS 9.8) in SATO Industrial Label Printers Allow Remote Root Takeover

Do Son August 7, 2025

JPCERT/CC has issued a vulnerability note detailing two critical security flaws in SATO Corporation’s widely deployed industrial...

CISA Alert: Critical Flaws in Tigo Energy Solar Devices Allow Remote Takeover of Solar Systems Tigo Energy, CISA Alert

CISA Alert: Critical Flaws in Tigo Energy Solar Devices Allow Remote Takeover of Solar Systems

Do Son August 7, 2025

In a critical advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), newly discovered vulnerabilities in...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Critical Command Injection Flaws in Trend Micro Apex One Actively Exploited

Do Son August 5, 2025

Trend Micro has issued an urgent advisory for two critical command injection vulnerabilities affecting its Apex One...

Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access Dell DD OS Vulnerability, Authentication Bypass Dell SmartFabric OS10 Vulnerabilities

Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access

Do Son August 5, 2025

Dell Technologies has released an urgent security advisory addressing multiple vulnerabilities affecting its PowerProtect Data Domain Operating...

Critical CodeIgniter Flaw (CVSS 9.8) Allows Remote Code Execution, Over 2.9 Million Downloads at Risk CodeIgniter vulnerability, arbitrary code execution, CVE-2026-48062, CVE-2024-47823 CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

CodeIgniter vulnerability, arbitrary code execution, CVE-2026-48062, CVE-2024-47823 CVE-2023-32692 CodeIgniter RCE, ImageMagick Vulnerability

Critical CodeIgniter Flaw (CVSS 9.8) Allows Remote Code Execution, Over 2.9 Million Downloads at Risk

Do Son July 29, 2025

Developers relying on CodeIgniter, one of the most widely adopted PHP full-stack web frameworks with over 2.9...

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos GitHub Actions Vulnerability, Command Injection

GitHub Actions Vulnerability, Command Injection

Critical Command Injection (CVE-2025-54416) in tj-actions/branch-names GitHub Action Exposes 5,000+ Repos

Do Son July 28, 2025

A critical command injection vulnerability has been disclosed in the widely used GitHub Action tj-actions/branch-names, affecting over...

Critical Flaws in Weidmueller Industrial Routers Allow Unauthenticated RCE

Do Son July 24, 2025

In a recent security advisory coordinated by CERT@VDE, Weidmueller has disclosed multiple critical vulnerabilities affecting its IE-SR-2TX...

TP-Link NVR Update: Command Injection Flaws Expose Devices to Remote Code Execution

Do Son July 24, 2025

TP-Link has issued a security advisory warning users of two critical operating system command injection vulnerabilities affecting...

Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE Nokia WaveSuite, Command Injection

Critical Flaw (CVE-2025-24936, CVSS 9.0) in Nokia WaveSuite NOC Expose Telecom Networks to RCE

Do Son July 22, 2025

Nokia’s WaveSuite NOC (WS-NOC) platform—an integral part of network operations for telecom and enterprise environments— exists two...

Critical Flaw (CVSS 9.8) in Ubiquiti UniFi Access Devices Allows RCE

Do Son July 18, 2025

Ubiquiti has issued a security advisory for a critical vulnerability affecting multiple models in its UniFi Access...

Critical Backdoors & RCE Found in Nexxt Solutions Mesh Routers: Unauthenticated Takeover Possible, PoC Published

Do Son July 17, 2025

Security researcher Vagebondcur has uncovered four vulnerabilities in the Nexxt Solutions NCM-X1800 mesh router, including unauthenticated telnet...

Critical Flaws in Alcatel-Lucent OmniAccess Stellar WLAN APs Allow Full Remote Takeover, PoC Releases WLAN AP Vulnerabilities, Remote Code Execution

WLAN AP Vulnerabilities, Remote Code Execution

Critical Flaws in Alcatel-Lucent OmniAccess Stellar WLAN APs Allow Full Remote Takeover, PoC Releases

Do Son July 17, 2025

In a recently disclosure, ALE (Alcatel-Lucent Enterprise) has published a security advisory (SA-N0150) addressing multiple critical vulnerabilities...

Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert CVE-2024-8884 & CVE-2024-11737 Schneider Electric, Critical Vulnerabilities

CVE-2024-8884 & CVE-2024-11737 Schneider Electric, Critical Vulnerabilities

Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert

Do Son July 10, 2025

Schneider Electric has issued a high-severity security advisory disclosing multiple vulnerabilities affecting its flagship infrastructure management platform,...

Hardcoded Credentials & Command Injection Found in HPE Aruba Instant On Access Points HPE Aruba, Critical Vulnerability

Hardcoded Credentials & Command Injection Found in HPE Aruba Instant On Access Points

Do Son July 9, 2025

HPE Aruba Networking has issued a critical security advisory for its Instant On Access Points, urging users...

Critical Alert 1 Active Exploit Detected Today