CVE-2024-39963

AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

CVE-2025-66848

CVE-2025-66848 affects JD Cloud NAS routers: AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier). The vulnerability is an unauthorized remote comman...

CVE-2025-66848

JD Cloud NAS routers AX1800 4.3.1.r4308 and earlier, AX3000 4.3.1.r4318 and earlier, AX6600 4.5.1.r4533 and earlier, BE6500 4.4.1.r4308 and earlier, ER1 4.5.1.r4518 and earlier, and ER2 4.5.1.r4518 and earlier contain an unauthorized remote command execution vulnerability...

PT-2025-54202

Name of the Vulnerable Software and Affected Versions JD Cloud NAS routers AX1800 versions 4.3.1.r4308 and earlier JD Cloud NAS routers AX3000 versions 4.3.1.r4318 and earlier JD Cloud NAS routers AX6600 versions 4.5.1.r4533 and earlier JD Cloud NAS routers BE6500 versions 4.4.1.r4308 and earlier...

VulnCheck KEV: CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

EUVD-2021-26568

Malware in sbrugna...

CVE-2021-3229

Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.38410177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error...

CVE-2024-39963

AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution RCE vulnerability via the macFilterType parameter at /goform/setMacFilterCfg...

CVE-2024-39962

D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router v21D240126 was discovered to contain a remote code execution RCE vulnerability in the ntpzoneval parameter at /goform/setntp. This vulnerability is exploited via a crafted HTTP request...

CVE-2024-39963

The CVE-2024-39963 issue affects the AX3000 Dual-Band Gigabit Wi‑Fi 6 Router models AX9 (V22.03.01.46) and AX12 (V1.0 V22.03.01.46). Affected component is the /goform/setMacFilterCfg API, where an authenticated user can trigger remote command execution via the macFilterType parameter. Impact is d...

TP-Link Archer AX3000 Security Vulnerability

TP-LINK Archer AX3000 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link Archer AX3000, which stems from the presence of an operating system command injection vulnerability that allows an attacker to execute arbitrary operating system commands by restoring...

PT-2024-5005 · Tp Link · Tp-Link Archer Ax3000 +3

Name of the Vulnerable Software and Affected Versions: TP-LINK products affected versions not specified TP-Link Archer AX3000 TP-Link Archer AXE75 TP-Link Archer AX5400 TP-Link Archer Air R5 TP-Link Archer AXE5400 Description: The issue allows a network-adjacent attacker with administrative...

CVE-2024-0401

CVE-2024-0401 affects multiple ASUS routers that support custom OpenVPN profiles. An authenticated, remote attacker can execute arbitrary OS commands by uploading a crafted OVPN profile, with impact on confidentiality, integrity, and availability per the cited sources. Affected models include: AS...

CVE-2024-0401 ASUS OVPN RCE

ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...

CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

Command injection

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...