PT-2026-35644

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be use...

MINI-7248-5GFC-X5H2

Bulletin has no description...

CVE-2020-7248

libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow...

CVE-2025-7248

creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-501/...

Linux Distros Unpatched Vulnerability : CVE-2006-7248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7250, CVE-2012-1410. Reason: this candidate was intended for one issue, but CVE users ma...

CVE-2024-7248

creationtimestamp| type| source ---|---|--- 2024-07-30 00:40:35+00:00| seen| https://t.me/cvedetector/1946...

CVE-2023-7248

creationtimestamp| type| source ---|---|--- 2024-03-15 21:22:01+00:00| seen| https://t.me/ctinow/209151 2024-03-15 21:26:14+00:00| seen| https://t.me/ctinow/209164...

CVE-2023-7248 OpenText Vertica Management console might be prone to bypass via crafted requests

Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests. The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences. This issue impacts the following Vertica Management...

CVE-2023-7248

OpenText Vertica Management Console vulnerabilities: CVE-2023-7248 involves bypassing an authentication check via crafted requests. Affected versions are 10.x, 11.1.1-24 or lower, and 12.0.4-18 or lower. Remediation options include upgrading to 11.1.1-25, 12.0.4-19, or moving to newer 23.x/24.x b...

OpenWRT < 18.06.7, 19.x < 19.07.1 Multiple Vulnerabilities

OpenWRT is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-7248

CVE-2020-7248 affects the OpenWrt libubox library. Multiple sources describe a stack-based buffer overflow caused by a vulnerability in the tagged binary data JSON serialization, specifically in JSON conversion of binary blobs via blobmsg_format_json. The issue impacts OpenWrt before 18.06.7 and ...

Security Advisory 2020-01-31-2 - libubox tagged binary data JSON serialization vulnerability (CVE-2020-7248)

DESCRIPTION Possibly exploitable vulnerability exists in the libubox library of OpenWrt, specifically in the parts related to JSON conversion of tagged binary data, so called blobs. An attacker could possibly exploit this behavior by providing specially crafted binary blob or JSON which would the...

CVE-2018-7248

CVE-2018-7248 affects Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. An unauthenticated request to a specific API endpoint allows verifying a username and returns the user’s logon domain if the account exists, or 'null' if it does not, enabling basic domain-identity enumeration. The available...

CVE-2017-7248

Gazelle (a BitTorrent tracker framework) is affected by CVE-2017-7248: an XSS vulnerability in Gazelle-master/sections/better/transcode.php allows an attacker to inject arbitrary HTML/JS via the type parameter due to insufficient input filtration. This affects versions before 2017-03-19 per the C...

CVE-2016-7248

CVE-2016-7248 affects Microsoft Windows Video Control in Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 (versions 1507–1607). The vulnerability allows remote attackers to execute arbitrary code by rendering a crafted file; the issue stems from the Microsoft Video Co...

Design/Logic Flaw

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE and ZXV10 W300 devices W300V1.0.0fER1PE allow remote authenticated users to bypass intended access restrictions, and discover credentials and keys, by reading the configuration file, a different vulnerability than CVE-2015-7248...

CVE-2015-7248

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703...

CVE-2015-7248

CVE-2015-7248 affects ZTE ZXHN H108N R1A and ZXV10 W300 routers. The vulnerability enables information exposure by allowing remote attackers to read the cgi-bin/webproc HTML source and obtain usernames and password hashes. This is a separate issue from CVE-2015-8703. Public sources in the connect...

ZTE ZXHN H108N R1A / ZXV10 W300 Routers - Multiple Vulnerabilities

Exploit Title: ZTE ZXHN H108N R1A + ZXV10 W300 routers - multiple vulnerabilities Discovered by: Karn Ganeshen CERT VU 391604 Vendor Homepage: www.zte.com.cn Versions Reported ZTE ZXHN H108N R1A - Software version ZTE.bhs.ZXHNH108NR1A ZTE ZXV10 W300 - Software version - w300v1.0.0fER1PE Overview...

ZTE ZXHN H108N R1A, ZXV10 W300 Routers - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: ZTE ZXHN H108N R1A + ZXV10 W300 routers - multiple vulnerabilities Discovered by: Karn Ganeshen CERT VU 391604 Vendor Homepage: www.zte.com.cn Versions Reported ZTE ZXHN H108N R1A - Software version ZTE.bhs.ZXHNH108NR1A ZTE...