VYPR

Nuclei Tps

by Ahisec

Source repositories

CVEs (2)

  • CVE-2024-13985CriAug 27, 2025
    risk 0.65cvss epss 0.08

    A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capture_handle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is…

  • CVE-2024-58274HigOct 22, 2025
    risk 0.54cvss 8.3epss 0.18

    Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025.