CVE

ZeroShell Linux Router 3.9.3 OS Command Injection vulnerability(CVE-2020-29390)

+

Zeroshell is a Linux based distribution dedicated to the implementation of Router and Firewall Appliances completely administrable via web interface. Zeroshell is available for x86/x86-64 platforms and ARM based devices such as Raspberry Pi.

Artica Web Proxy 4.30 Authentication Bypass & OS Command Injection

+

Artica Proxy is a system that provide a sexy Web Ajax console in order manage a full Proxy server without any technical skill and with latest Squid technology.

CVE-2020-15894: D-Link DIR-816L 信息泄漏

+

An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT.

CVE-2019-19781: Citrix Application DC & Citrix Gateway RCE

+

CVE-2018-1335

+