CVE-2026-2881

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2881

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2881

CVE-2026-2881 affects D-Link DWR-M960 (firmware 1.01.07). The vulnerability resides in the Advanced Firewall Configuration Endpoint, specifically the /boafrm/formFirewallAdv component, within function sub_425FF8. Manipulating the submit-url argument can trigger a stack-based buffer overflow and i...

CVE-2026-2881 D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack-based overflow

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2881

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2881 D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack-based overflow

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...

CVE-2026-2507

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000160003)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1.5 / Hotfix- BIGIP-17.5.1.4.0.17.20-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000160003 advisory. When BIG-IP AFM or BIG-IP DDoS Hybrid Defender is provisioned, undisclosed traffic...

PT-2026-20463

Name of the Vulnerable Software and Affected Versions BIG-IP AFM and BIG-IP DDoS affected versions not specified Description Undisclosed traffic can cause Traffic Management Microkernel TMM to terminate when BIG-IP Application Firewall AFM or BIG-IP Distributed Denial of Service DDoS is...

EUVD-2017-15207

Malware in sbrugna...

D-Link DIR-605L和D-Link DIR-618 安全漏洞

The D-Link DIR-605L and D-Link DIR-618 are both a wireless router from China-based AUO D-Link. An Access Control Error vulnerability exists in the D-Link DIR-605L version 3.02 and the D-Link DIR-618 version 2.02, which stems from improper access control in the file /goform/formAdvFirewall, and ca...

CVE-2024-25560

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP AFM 代码问题漏洞

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. F5 BIG-IP AFM has a code issue vulnerability that can be exploited by attackers to upload maliciously crafted files and execute arbitrary commands...

F5 BIG-IP多款产品命令注入漏洞

F5 BIG-IP and so on are products of F5 Corporation in the U.S.A. F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IP ASM is a Web Application Firewall WAF, and F5 Big-Ip Advanced Waf is an Advanc...

CVE-2022-23018

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM...

F5 BIG-IP APM和F5 BIG-IP SQL注入漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A SQL injection vulnerability exists in F5 BIG-IP AFM. The vulnerability allows an authenticated attacker to execute maliciou...

Modernizing your network security strategy

From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones we can, and are changing across the cybersecurity landscape. For example, to facilitate remote work and...

Product update: Virtuozzo Automator 7.0 Update 2 Hotfix 10 (VA MN: 7.0.2-647, VA Agent: 7.0.2-367)

Hotfix 10 for Virtuozzo Automator 7.0.2 provides stability and usability fixes. Vulnerability id: PVA-37446 Unable to set "Advanced firewall mode with the default policy Drop" for containers. Vulnerability id: PVA-37477 VA Agent could consume 100% of one CPU. Vulnerability id: PVA-37479 VA Agent...

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2019-30622)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in F5 BIG-IP AFM and PEM, which can be exploited by an attacker to execute...

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not...