FeiXincheng

3 exploits Active since Jun 2022
CVE-2022-32092 WRITEUP CRITICAL WORKING POC
D-Link DIR-645 Firmware < 1.03 - OS Command Injection via QUERY_STRING Parameter
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi.
CVSS 9.8
CVE-2022-37149 WRITEUP CRITICAL WRITEUP
WAVLINK WL-WN575A3 RPT75A3.V4300.201217 - OS Command Injection via Username Parameter
WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows attackers to execute arbitrary commands via the username parameter.
CVSS 9.8
CVE-2023-23080 WRITEUP CRITICAL WORKING POC
Tenda CP7/CP3/IT7-PCS/IT7-LCS/IT7-PRS - OS Command Injection
Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda IT7-LCS<=V2209020914 and Tenda IT7-PRS Tenda IT7-PRS<=V2209020908.
CVSS 9.8