Lucene search
K

12 matches found

NVD
NVD
added 2026/06/15 6:16 a.m.14 views

CVE-2026-12221

A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/startoffset results in stack-based buffer overflow. The attack needs to be...

8.6CVSS0.00371EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 5:0 a.m.11 views

EUVD-2026-36694

A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/startoffset results in stack-based buffer overflow. The attack needs to be...

8.6CVSS8.2AI score0.00371EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 5:0 a.m.21 views

CVE-2026-12221

Yealink SIP-T46U (version 108.86.0.118) is affected by a stack-based buffer overflow in the Firmware Chunk Upload Handler, caused by a faulty sprintf in /api/upgrade/upgrade when manipulating uid/start_offset. Exploitation requires local-network access; the exploit is publicly available. No remed...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 5:0 a.m.37 views

CVE-2026-12221 Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow

A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/startoffset results in stack-based buffer overflow. The attack needs to be...

8.6CVSS0.00371EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 4:45 a.m.6 views

CVE-2026-12220 Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow

A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function modupgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the argument uid leads to stack-based buffer overflow. The attack...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 4:45 a.m.17 views

CVE-2026-12220

A vulnerability exists in Yealink SIP-T46U firmware 108.86.0.118 affecting the mod_upgrade.SparePartsUpload handler in /api/upgrade/accupgradebychunk. Manipulating the uid argument can cause a stack-based buffer overflow. Exploitation is described as local-network only, with public disclosure and...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49181

Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U version 108.86.0.118 Description A stack-based buffer overflow exists in the Firmware Chunk Upload handler. This occurs when the uid argument is manipulated within the mod upgrade.SparePartsUpload function of the...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References10
OSV
OSV
added 2026/03/16 8:27 p.m.4 views

GO-2026-4695 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload in github.com/forceu/gokapi

Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload in github.com/forceu/gokapi. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabili...

4.3CVSS5.8AI score0.00253EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 7:9 p.m.42 views

CVE-2026-30961 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...

4.3CVSS0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/13 6:56 p.m.3 views

EUVD-2026-12080

Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload...

4.3CVSS5.8AI score0.00253EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/13 6:56 p.m.7 views

Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Summary The chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an oversized file into chunks each under MaxSize and upload them sequentially, bypassing the size...

4.3CVSS5.7AI score0.00253EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2013/11/18 2:55 a.m.1 views

DEBIAN-CVE-2013-2114

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...

6.8CVSS8.1AI score0.02344EPSS
Exploits0References1
Rows per page
Query Builder