127 matches found
CVE-2026-1143 TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer overflow
A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made availab...
MiracleLinux 7 : libguestfs-1.32.7-3.0.1.el7.AXS7, virt-p2v-1.32.7-2.el7 (AXSA:2016-1143:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1143:01 advisory. libguestfs Libguestfs is a library for accessing and modifying virtual machine disk images. http://libguestfs.org It can be used to make batch configuration...
PT-2026-3394
Name of the Vulnerable Software and Affected Versions TOTOLINK A3700R version 9.1.2u.5822 B20200513 Description A flaw exists in TOTOLINK A3700R. A buffer overflow can occur through manipulation of the ssid argument within the setWiFiEasyGuestCfg function located in the /cgi-bin/cstecgi.cgi file...
EUVD-2012-1143
Malware in sbrugna...
EUVD-2021-1143
Malware in sbrugna...
EUVD-2023-1143
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2009-1143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that...
CVE-2025-1143
creationtimestamp | type | source
---|---|---
2025-02-11 03:26:03+00:00 | seen | https://infosec.exchange/users/cve/statuses/113983118569221116
2025-02-11 04:15:32+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhusdpt23s2c
2025-02-11 04:48:27+00:00 | seen | ...
CVE-2025-1143 Billion Electric M120N - Use of Hard-coded Credentials
Certain models of routers from Billion Electric have hard-coded embedded Linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system...
CVE-2025-1143
CVE-2025-1143 affects Billion Electric routers (M100, M150, M120N). Public records describe hard-coded embedded Linux credentials in the SSH service, allowing an attacker with local access to log in and obtain root privileges. The CVSS 3.1 vector indicates local access, low attack complexity, and...
RHEL 8 : open-vm-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - open-vm-tools: access bypass due to realpath race condition in mount.vmhgfs aka hgfsmounter CVE-2009-1143 Note that...
CVE-2024-1143
creationtimestamp | type | source
---|---|---
2024-02-02 07:21:43+00:00 | seen | https://t.me/ctinow/177934
2024-02-24 15:16:45+00:00 | seen | https://t.me/ctinow/192617...
CVE-2024-1143
Central Dogma (LY Corporation) is affected by an XSS vulnerability in versions prior to 0.64.1 that can leak user sessions via RelayState processing of SAML messages, potentially enabling authentication bypass. The issue is documented across multiple sources (CVE-2024-1143, OSV, RH/Red Hat, JVN/J...
Oracle Linux 5 : ELSA-2014-1143-1: / kernel (ELSA-2014-11431)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-11431 advisory. - kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially...
CVE-2023-1143
creationtimestamp | type | source
---|---|---
2023-03-27 18:19:58+00:00 | seen | https://t.me/cibsecurity/60778
2025-01-16 21:56:32+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/2062...
CVE-2023-1143
Delta Electronics InfraSuite Device Master (versions prior to 1.0.5) is affected by a Lua script deserialization/remote code execution vulnerability. The issue stems from Lua scripting support in the device, allowing an unauthenticated or minimally authenticated attacker to remotely execute arbit...
CVE-2009-1143
creationtimestamp | type | source
---|---|---
2022-11-23 20:14:13+00:00 | seen | https://t.me/cibsecurity/53454
2025-04-25 21:08:25+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13542...
CVE-2009-1143
An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs aka hgfsmounter...
CVE-2009-1143
CVE-2009-1143 : Open-vm-tools 2009.03.18-154848 contains a realpath race condition in mount.vmhgfs (hgfsmounter) that allows local users to bypass mounting-share access restrictions via a symlink attack. The context indicates a local-privilege-like risk with high impact to confidentiality, integr...