PT-2023-25752 · Totolink · Totolink Cp300+
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ version 5.2cu.7594 B20200910 Description: A stack overflow issue was discovered via the pingIp parameter in the setDiagnosisCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK CP300+ version...
PT-2023-29051 · D Link · Dlink Dph-400Se
Name of the Vulnerable Software and Affected Versions: DLINK DPH-400SE FRU version 2.2.15.8 Description: An issue in the software allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component. Recommendations: For DLINK DPH-400SE FRU...
PT-2023-27700 · Unknown · Prixan Prixanconnect
Name of the Vulnerable Software and Affected Versions: Prixan prixanconnect versions up to v1.62 Description: The issue is related to a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts. This vulnerability allows for the injection of malicious SQL...
PT-2023-5765 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function via the TXPower parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...
PT-2023-5729 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function when handling the GuardInt parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...
PT-2023-5732 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetParentsControlInfo function when handling the Mac parameter. This allows attackers to cause a Denial of Service (DoS) via crafted input. The...
PT-2023-27999 · Unknown · Zoo Management System
Name of the Vulnerable Software and Affected Versions: Zoo Management System version 1.0 Description: A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of...
PT-2023-27674 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 1.0BR V15.03.05.16 Description: The issue concerns a Buffer Overflow that can be triggered via the function sub_7D858. Recommendations: For version 1.0BR V15.03.05.16, as a temporary workaround, consider disabling the sub...
PT-2023-27665 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version US AC6V1.0BR V15.03.05.16 multi TD01.bin Description: The issue concerns a command execution vulnerability in the sub_ADF3C function. This vulnerability is exploited through the formSetIptv function, which obtains the list a...
PT-2023-8675 · Zbar +5 · Zbar +5
Name of the Vulnerable Software and Affected Versions: ZBar version 0.23.90 Description: A heap-based buffer overflow exists in the qr_reader_match_centers function. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this issue, an attacker c...
PT-2023-27640 · Phicomm · Phicomm K2
Name of the Vulnerable Software and Affected Versions: Phicomm k2 version 22.6.529.216 Description: The Phicomm k2 router contains a command injection vulnerability via the luci.sys.call function. This issue allows for remote command execution. Recommendations: For Phicomm k2 version 22.6.529.216...
PT-2023-25476 · Skalenetwork · Skalenetwork Sgxwallet
Name of the Vulnerable Software and Affected Versions: skalenetwork sgxwallet version 1.9.0 Description: The issue allows an attacker to cause a denial of service via the trustedBlsSignMessage function. This is a Buffer Overflow vulnerability. Recommendations: For skalenetwork sgxwallet version...
PT-2023-5195 · Gnu +4 · Binutils +4
Name of the Vulnerable Software and Affected Versions: Binutils versions prior to 2.39.3 Description: The issue is related to the compare_symbols function in objdump.c and is caused by incorrect clearing or release of resources. This can be exploited by an attacker to cause a denial of service or...
PT-2023-29100 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version EN V9.3.5u.6146 B20201023 Description: A critical issue was found, affecting the setDiagnosisCfg function, which leads to OS command injection. This can be initiated remotely. Recommendations: For TOTOLINK EX1200L...
PT-2023-4624 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version EN V9.3.5u.6146 B20201023 Description: A critical issue has been found, affecting the setTracerouteCfg function, which can lead to OS command injection. This can be exploited remotely. The issue is related to errors i...
PT-2023-26645 · Comfast · Comfast Cf-Xr11
Name of the Vulnerable Software and Affected Versions: COMFAST CF-XR11 version 2.7.2 Description: An issue in COMFAST CF-XR11 allows an attacker to execute arbitrary code via the protal delete picname parameter in the sub_41171C function at bin/webmgnt. Recommendations: For COMFAST CF-XR11 versio...
PT-2023-27113 · Icms · Icms
Name of the Vulnerable Software and Affected Versions: iCMS version 7.0.16 Description: The issue is related to a SQL injection vulnerability. It affects the bakupdata function, allowing for potential SQL injection attacks. Recommendations: For iCMS version 7.0.16, consider disabling the bakupdat...
PT-2023-26696 · Tenda · Tenda Fh1202
Name of the Vulnerable Software and Affected Versions: Tenda F1202 version 1.2.0.9 Tenda FH1202 version 1.2.0.9 Description: A stack overflow issue was discovered via the mit ssid parameter in the formWrlsafeset function. This issue affects the specified versions of Tenda F1202 and FH1202...
PT-2023-26321 · Unknown · Y Project Ruoyi
Name of the Vulnerable Software and Affected Versions: y project RuoYi versions up to 4.7.7 Description: A vulnerability has been found in the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross-site scripting. The attack may be...
PT-2023-25799 · Microsoft · Chakracore
Name of the Vulnerable Software and Affected Versions: ChakraCore version cbb9b Description: A stack overflow issue was discovered in ChakraCore via the Js::ScopeSlots::IsDebuggerScopeSlotArray function. Recommendations: For ChakraCore version cbb9b, as a temporary workaround, consider disabling...