Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

34 matches found

Positive Technologies
Positive Technologiesadded 2025/10/07 12:0 a.m.4 views

PT-2025-41005

Name of the Vulnerable Software and Affected Versions Planet WGR-500 version 1.3411b190912 Description Several OS command injection issues are present in the swctrl functionality. A crafted network request can allow for arbitrary command execution. The new device name request parameter is involve...

8.8CVSS7.5AI score0.03686EPSS
Exploits1References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-48512

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00815EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-25305

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00258EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-25541

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/08/24 12:13 a.m.6 views

CVE-2025-55605

Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter...

9.8CVSS7.2AI score0.00384EPSS
Exploits1References1
CVE
CVEadded 2025/08/22 12:0 a.m.21 views

CVE-2025-55605

CVE-2025-55605 affects Tenda AX3 (V16.03.12.10_CN). A buffer overflow in saveParentControlInfo is triggered via the deviceName parameter, enabling potential denial of service. Public sources (CNVD/CNVD-related entries, Red Hat, NVD, CVE list, PT-Security) confirm the fault originates in saveParen...

9.8CVSS6.5AI score0.00384EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologiesadded 2025/08/22 12:0 a.m.4 views

PT-2025-34440 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.10 CN Description: The Tenda AX3 device is susceptible to a buffer overflow issue in the saveParentControlInfo function. The vulnerability is triggered through the deviceName parameter. Recommendations: Update to a...

9.8CVSS7.8AI score0.00384EPSS
Exploits1References5
CVE
CVEadded 2025/08/20 12:0 a.m.19 views

CVE-2025-55503

The CVE covers Tenda AC6 routers with firmware 15.03.06.23_multi, where the saveParentControlInfo function is vulnerable to a stack overflow via the deviceName parameter due to insufficient input validation. This can lead to denial of service. Public technical details in connected sources confirm...

7.3CVSS7.6AI score0.00258EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2025/06/09 12:0 a.m.1 views

TOTOLINK T10 安全漏洞

The TOTOLINK T10 is a wireless router manufactured by TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK T10 version 4.1.8cu.5207, which affects the function setWiFiMeshName in the /cgi-bin/cstecgi.cgi file of the component's POST request handler.An attacker can exploit the vulnerabilit...

9CVSS7.4AI score0.06928EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/06/03 12:0 a.m.1 views

TOTOLINK X2000R 代码注入漏洞

TOTOLINK X2000R is a wireless router from China's Gion Electronics TOTOLINK. A cross-site scripting vulnerability exists in the TOTOLINK X2000R, which stems from the lack of effective filtering and escaping of user-supplied data by the Device Name parameter in the component Parent Controls Page,...

4.8CVSS6.1AI score0.00279EPSS
Exploits1References6
OSV
OSVadded 2025/05/02 3:15 p.m.2 views

CVE-2025-44872

Tenda AC9 V15.03.06.42multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

9.8CVSS6.1AI score0.01974EPSS
Exploits1References1
CNNVD
CNNVDadded 2025/05/02 12:0 a.m.2 views

TOTOLINK A950RG 安全漏洞

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a command execution vulnerability that stems from improper handling of the deviceMac parameter in the setDeviceName interface in the /lib/cstemodules/global.so...

9.8CVSS7.6AI score0.00725EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2024/12/28 12:0 a.m.3 views

PT-2024-10186 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version V15.03.05.19 Description: The issue is related to a stack overflow vulnerability in the formSetDeviceName function, specifically through the devName parameter. This vulnerability can be exploited by sending a specially...

10CVSS9.4AI score0.00741EPSS
Exploits1References4
BDU FSTEC
BDU FSTECadded 2024/11/22 12:0 a.m.3 views

The vulnerability in the operation_mode.cgi script of NETGEAR R7000P microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the operationmode.cgi script of NETGEAR R7000P router microprogramming software is related to buffer overflow during the processing of the devicename2 parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

5.7CVSS6.3AI score0.00557EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2024/10/14 10:15 p.m.2 views

CVE-2024-35520

Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMTinvite.cgi via devicename2 parameter...

6.8CVSS5.8AI score0.09053EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/10/14 12:0 a.m.2 views

NETGEAR R7000 安全漏洞

The NETGEAR R7000 is a wireless router from NETGEAR. The NETGEAR R7000 version 1.0.11.136 suffers from a command injection vulnerability that stems from the devicename2 parameter failing to correctly filter constructed command special characters, commands, and so on. An attacker could exploit thi...

8.4CVSS7.8AI score0.09053EPSS
Exploits0References2
OSV
OSVadded 2024/01/17 8:15 a.m.3 views

CVE-2023-51739

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

5.4CVSS5.9AI score0.00358EPSS
Exploits0References1
OSV
OSVadded 2024/01/09 9:15 a.m.3 views

CVE-2023-50585

Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function...

9.8CVSS5.9AI score0.00701EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/01/09 12:0 a.m.2 views

PT-2024-13945 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda A18 version 15.13.07.09 Description: A stack overflow issue was discovered via the devName parameter in the formSetDeviceName function. This issue can be exploited, potentially allowing unauthorized access or control. Recommendations: F...

9.8CVSS9.3AI score0.00701EPSS
Exploits1References5
OSV
OSVadded 2023/11/27 5:15 p.m.3 views

CVE-2023-49047

Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName...

7.5CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder