Skip to main content
CVE-2023-26802 CRITICAL POC THREAT Act Now

An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dcbi Netlog Lab Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
48.7%
CVE-2023-26801 CRITICAL POC THREAT Act Now

LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Bl Lte300 Firmware Bl X26 Firmware Bl Wr9000 Firmware Bl Ac1900 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
69.7%
CVE-2023-26800 CRITICAL POC Act Now

Ruijie Networks RG-EW1200 Wireless Routers EW_3.0(1)B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Rg Ew1200R Firmware Rg Ew1200 Firmware Rg Ew1200G Pro Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy