CVE-2026-36610
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...
CVE-2026-36606
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...
EUVD-2026-34151
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy (60-second lockout after 10 attempts)...
CVE-2026-36607
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to the login endpoint (code=7). An attacker on the adjacent network can attempt unlimited passwords without...
CVE-2026-36615
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...
EUVD-2026-34152
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...
PT-2026-45993
Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 is vulnerable to an HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...
CVE-2026-36613
Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...
EUVD-2026-1714
AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...
EUVD-2025-26234
An authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL (end-of-life). It's...
PT-2024-14445 · Mercusys · Mercusys Mw325R
Name of the Vulnerable Software and Affected Versions: Mercusys MW325R EU V3 version 1.11.0 Description: The issue is a stack-based buffer overflow that could allow an attacker to execute arbitrary code. Exploiting the issue requires authentication. Recommendations: For Mercusys MW325R EU V3...
Exploit for Race Condition in Qualcomm Apq8053_Firmware
Fork My adaptation for the SM-F926U from the original exploit...
CVE-2023-31701
TP-Link TL-WPA4530 KIT V2 EU170406 and V2 EU161115 is vulnerable to Command Injection via httpRpmPlcDeviceRemove...
CVE-2023-31700
TP-Link TL-WPA4530 KIT V2 EU170406 and V2 EU161115 is vulnerable to Command Injection via httpRpmPlcDeviceAdd...
TP-LINK TL-WPA4530 Command Injection Vulnerability
The TP-LINK TL-WPA4530 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WPA4530 KIT V2EU170406 version and V2EU161115 version, which stems from the presence of command injection via httpRpmPlcDeviceAdd...
PT-2020-10105 · D Link · D-Link Dsl-2680
Name of the Vulnerable Software and Affected Versions: D-Link DSL-2680 version EU 1.03 Description: A Broken Access Control issue in the web administration interface allows an attacker to enable or disable MAC address filtering by submitting a crafted "Forms/WlanMacFilter 1" POST request without...
D-Link DSL-3782 Buffer Overflow Vulnerability (CNVD-2018-09181)
The D-Link DSL-3782 is a wireless router product from AUO D-Link. A buffer overflow vulnerability exists in the /userfs/bin/tcapi binary in the D-Link DSL-3782 EU version 1.01. An attacker can exploit this vulnerability to cause memory corruption, potentially redirecting program flow and executin...