A SQL injection vulnerability has been reported in rConfig Network Device Configuration Tool. The vulnerability is due to insufficient input validation in the ompliancepolicies.php and compliancepolicyelements.php and snippets.php.

ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field.

A security feature bypass vulnerability has been reported in Microsoft Windows. This vulnerability is due to improper handling of Internet Shortcuts. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted shortcut or visit a malicious link. Successful exploitation could result in spoofing, the bypass of SmartScreen security warnings or the disclosure of a targeted user's NTLM hash.

Threat Encyclopedia

1137237

WEB rConfig compliancepolicies.php and compliancepolicyelements.php and snippets.php SQL Injection -1 (CVE-2020-10546)

Critical

2026/05/29

1237252

MALWARE-FILE-TRANSFER Malicious Script File Transfer -2 state 0

Medium

2026/05/28

1233306

ICS ABUS Security Camera TVIP Remote Code Execution -1 (CVE-2023-26609)

High

2026/05/28

1233205

FILE Microsoft Windows Internet Shortcut Point to Location with UNC or Remote Path

Medium

2026/05/28