Php Hooligans

#8267of 53,630
33.2Total CVSS
Vulnerabilities · 4
Medium
1
High
2
Critical
1
PT-2025-32061
6.8
2025-08-05
Kenwood · Kenwood Dmx958Xr · CVE-2025-8652
**Name of the Vulnerable Software and Affected Versions** Kenwood DMX958XR (affected versions not specified) **Description** This issue allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices. Authentication is not required for exploitation. The flaw resides within the `JKWifiService` due to insufficient validation of user-supplied input before it is used in a system call, potentially allowing an attacker to execute code with root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-31372
8.8
2025-07-29
Tesla · Tesla Wall Connector · CVE-2025-8320
**Name of the Vulnerable Software and Affected Versions** Tesla Wall Connector versions 24.44.1 Tesla Wall Connector version 24.44.3 **Description** This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Wall Connector devices without authentication. The issue stems from improper validation of the HTTP `Content-Length` header, leading to potential memory access beyond allocated buffer boundaries. An attacker can exploit this to execute code within the device's context. **Recommendations** Tesla Wall Connector version 24.44.1: Update to version 24.44.3 or later to resolve this issue.
PT-2024-33249
7.8
2024-11-22
Qurouter · Qurouter · CVE-2024-48861
**Name of the Vulnerable Software and Affected Versions** QuRouter versions prior to 2.4.4.106 **Description** An OS command injection issue has been reported, potentially allowing local network attackers to execute commands if exploited. **Recommendations** For QuRouter versions prior to 2.4.4.106, update to version 2.4.4.106 or later to resolve the issue.
PT-2024-8777
9.8
2024-11-22
Qurouter · Qurouter · CVE-2024-48860
Name of the Vulnerable Software and Affected Versions: QuRouter versions prior to 2.4.3.103 Description: An OS command injection vulnerability has been reported, which could allow remote attackers to execute commands if exploited. Over 2,500 services are potentially affected. The issue is related to the failure to neutralize special elements used in OS commands. Recommendations: For QuRouter versions prior to 2.4.3.103, update to version 2.4.3.103 or later to resolve the issue. As a temporary workaround, consider restricting access to vulnerable components until a patch is applied. Avoid using the vulnerable functionality in the affected QuRouter versions until the issue is resolved.