Command injection in TOTOLINK X18 via mac parameter. EPSS 3.4%. PoC available.
Command Injection
X18 Firmware
TOTOLINK
NVD
GitHub
CVSS 3.1
9.8
EPSS
3.4%
Command injection in TOTOLINK X18 via agentName in setEasyMeshAgentCfg. EPSS 2.7%. PoC available.
Command Injection
X18 Firmware
TOTOLINK
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.7%
Docker default credentials in Termix server management. PoC and patch available.
Nginx
Docker
Authentication Bypass
Termix
NVD
GitHub
CVSS 3.1
9.1
EPSS
0.1%
Pickle deserialization RCE in pyfory 0.12.0-0.12.2 and pyfury 0.1.0-0.10.3.
RCE
Deserialization
Python
Fory
NVD
GitHub
CVSS 3.1
9.8
EPSS
0.3%
Brute-force vulnerability in ExtremeGuest Essentials before 25.5.0.
Authentication Bypass
Extremeguest Essentials
NVD
CVSS 3.1
9.8
EPSS
0.1%
Unauthenticated database wipe in Custom Searchable Data Entry System WP plugin through 1.7.1.
WordPress
Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%