Suggestions search

All statuses

Filter by:

With package: python313Packages.aiobafi6

Found 3 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2026-6024

7.3 HIGH

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 3 days, 23 hours ago

Tenda i6 HTTP R7WebsSecurityHandlerfunction path traversal

A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

References

VDB-356600 | Tenda i6 HTTP R7WebsSecurityHandlerfunction path traversal vdb-entrytechnical-description
VDB-356600 | CTI Indicators (IOB, IOC, TTP, IOA) signaturepermissions-required
Submit #791826 | Tenda i6 V1.0.0.7(2204) Path Traversal third-party-advisory
https://github.com/Litengzheng/vuldb_new/blob/main/M3/vul_84/README.md exploit
https://www.tenda.com.cn/ product

Affected products

==1.0.0.7(2204)

Matching in nixpkgs

pkgs.tests.fetchpatch2.hunks

None

nixos-unstable i6w1nd25mdns
- nixpkgs-unstable i6w1nd25mdns
- nixos-unstable-small i6w1nd25mdns

pkgs.tests.fetchpatch2.decode

None

nixos-25.11 i6vx4j3n3dac
- nixos-25.11-small i6vx4j3n3dac
- nixpkgs-25.11-darwin i6vx4j3n3dac

pkgs.tests.fetchpatch2.simple

None

nixos-unstable 2fda4x41i607
- nixpkgs-unstable 2fda4x41i607
- nixos-unstable-small 2fda4x41i607

pkgs.tests.fetchzip.postFetch

None

nixos-unstable kbzs7f8irgi6
- nixpkgs-unstable kbzs7f8irgi6
- nixos-unstable-small kbzs7f8irgi6

pkgs.python312Packages.aiobafi6

Library for communication with the Big Ass Fans i6 firmware

nixos-25.11 aiobafi6-0.10.0
- nixos-25.11-small aiobafi6-0.10.0
- nixpkgs-25.11-darwin aiobafi6-0.10.0

pkgs.python313Packages.aiobafi6

Library for communication with the Big Ass Fans i6 firmware

nixos-unstable aiobafi6-0.10.1
- nixpkgs-unstable aiobafi6-0.10.1
- nixos-unstable-small aiobafi6-0.10.1
nixos-25.11 aiobafi6-0.10.0
- nixos-25.11-small aiobafi6-0.10.0
- nixpkgs-25.11-darwin aiobafi6-0.10.0

pkgs.python314Packages.aiobafi6

Library for communication with the Big Ass Fans i6 firmware

nixos-unstable aiobafi6-0.10.1
- nixpkgs-unstable aiobafi6-0.10.1
- nixos-unstable-small aiobafi6-0.10.1

pkgs.tests.fetchFromGitHub.leave-git

None

nixos-unstable i6x92w77k0dr
- nixpkgs-unstable i6x92w77k0dr
- nixos-unstable-small i6x92w77k0dr

pkgs.tests.fetchPypiLegacy.fetchSimple

None

nixos-25.11 0ldjg4xi6gdn
- nixos-25.11-small 0ldjg4xi6gdn
- nixpkgs-25.11-darwin 0ldjg4xi6gdn

pkgs.tests.prefer-remote-fetch.fetchzip

None

nixos-unstable gd4wxpxcwni6
- nixpkgs-unstable gd4wxpxcwni6
- nixos-unstable-small gd4wxpxcwni6

Package maintainers

@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Untriaged

Permalink CVE-2026-1364

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months, 3 weeks ago

JNC｜IAQS and I6 - Missing Authentication

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities.

References

https://www.twcert.org.tw/tw/cp-132-10652-4cdca-1.html third-party-advisory
https://www.twcert.org.tw/en/cp-139-10653-117a1-2.html third-party-advisory

Affected products

IAQS

Matching in nixpkgs

pkgs.tests.fetchzip.hiddenDir

None

nixos-unstable ji683ijnf64v
- nixpkgs-unstable ji683ijnf64v
- nixos-unstable-small ji683ijnf64v

pkgs.python312Packages.aiobafi6

Library for communication with the Big Ass Fans i6 firmware

nixos-unstable aiobafi6-0.10.0
- nixpkgs-unstable aiobafi6-0.10.0
- nixos-unstable-small aiobafi6-0.10.0
nixos-25.11 aiobafi6-0.10.0
- nixpkgs-25.11-darwin aiobafi6-0.10.0

pkgs.python313Packages.aiobafi6

Library for communication with the Big Ass Fans i6 firmware

nixos-unstable aiobafi6-0.10.0
- nixpkgs-unstable aiobafi6-0.10.0
- nixos-unstable-small aiobafi6-0.10.0
nixos-25.11 aiobafi6-0.10.0
- nixpkgs-25.11-darwin aiobafi6-0.10.0

pkgs.tests.fetchgit.sparseCheckout

None

nixos-25.11 3kqsbiwprri6
- nixpkgs-25.11-darwin 3kqsbiwprri6

pkgs.tests.fetchpatch2.fileWithSpace

None

nixos-25.11 59i6vdvd05zl
- nixpkgs-25.11-darwin 59i6vdvd05zl

pkgs.tests.fetchurl.no-skipPostFetch

None

nixos-25.11 i0i6bfnqamff
- nixpkgs-25.11-darwin i0i6bfnqamff

pkgs.tests.fetchFromGitHub.dumb-http-signed-tag

None

nixos-25.11 lvi6xvc9xm2s
- nixpkgs-25.11-darwin lvi6xvc9xm2s

Package maintainers

@fabaff Fabian Affolter <mail@fabian-affolter.ch>

Untriaged

Permalink CVE-2026-1363

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 2 months, 3 weeks ago

JNC｜IAQS and I6 - Client-Side Enforcement of Server-Side Security

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.