CVE-2026-36618

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software version unbound 1.22.0, aiding targeted attacks against known vulnerabilities...

CVE-2026-36610

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Versions of Edimax EW-7438RPn prior to 1.31 contained a security vulnerability. This vulnerability stemmed from the formWirelessTbl function in the webs component files and/goform/formWirelessTbl, which handl...

Atlona ATOMERX21 - Authenticated Command Injection

// Exploit Title: Atlona AT-OME-RX21 Authenticated Command Injection // Google Dork: N/A // Date: 2025-12-28 // Exploit Author: RIZZZIOM // Vendor Homepage: https://atlona.com // Software Link: https://atlona.com/product/at-ome-rx21/ // Version: Firmware -u -p -l -P -c package main import "bytes"...

CVE-2025-70545

A stored cross-site scripting XSS vulnerability exists in the web management interface of the PPC Belden ONT 2K05X router running firmware v1.1.9206L. The Common Gateway Interface CGI component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary...

EUVD-2025-200034

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

PT-2025-47844

Name of the Vulnerable Software and Affected Versions D-Link DIR-822K versions 1.00 20250513164613 and 1.1.50 D-Link DWR-M920 versions 1.00 20250513164613 and 1.1.50 Description A buffer overflow issue exists in D-Link DIR-822K and DWR-M920 routers. The issue is related to the manipulation of the...

CVE-2025-28203

Victure RX1800 ENV1.0.0r12110933 was discovered to contain a command injection vulnerability...

PT-2024-27698 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version v1 FW1.01B01 Description: A stack overflow issue was discovered via the submit-url parameter at the "/formSysLog" API endpoint. Recommendations: For TRENDnet TEW-814DAP version v1 FW1.01B01, as a temporary...

CVE-2023-43314

UNSUPPORTED WHEN ASSIGNED The buffer overflow vulnerability in the Zyxel PMG2005-T20B firmware version V1.00ABNK.2b11C0 could allow an unauthenticated attacker to cause a denial of service condition via a crafted uid...

Blitzwolf BW-IS22 Smart Home Security Alarm 安全漏洞

The Blitzwolf BW-IS22 Smart Home Security Alarm is a smart home alarm system from Blitzwolf. A security vulnerability exists in the Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 firmware version, which stems from a vulnerability that allows an attacker to gain full access, where the attacker c...

WAGO 安全漏洞

WAGO is a 750-88x series programmable logic controller from WAGO, Germany. The device is an electronic system designed for the operation of digital algorithms for applications in industrial environments. A security vulnerability exists in WAGO Unmanaged Switch 852-111/000-001 firmware version 01,...

PT-2022-27850 · Microchip · Rn4870 +1

Name of the Vulnerable Software and Affected Versions: Microchip RN4870 module firmware version 1.43 Microchip PIC LightBlue Explorer Demo version 4.2 DT100112 Description: The issue is related to the Microchip RN4870 module firmware and the Microchip PIC LightBlue Explorer Demo being unresponsiv...

CVE-2022-29328

D-Link DAP-1330OSS-firmware1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade...

CVE-2022-28971

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service DoS...

Iball WRD12EN 跨站请求伪造漏洞

The Iball WRD12EN is a router from iBall Iball India. The iBall WRD12EN version 1.0.0 suffers from a cross-site request forgery vulnerability that stems from a software request that lacks cross-site request forgery token validation, which can be exploited by an attacker to enable DNS settings or...

Zyxel VPN2S 路径遍历漏洞

Zyxel Vpn2S is a reliable and secure Vpn router from China's Heqin Technology Zyxel. A security vulnerability exists in the web server of the Zyxel VPN2S firmware version 1.12, which could allow remote attackers to access sensitive information...

iBall Baton ADSL2+ Authentication Bypass Vulnerability

The iBall Baton ADSL2+ Home Router is a router from iBall India. An authentication bypass vulnerability exists in the iBall Baton ADSL2+ Home Router version FWiB-LR7011A1.0.2. An attacker can exploit the vulnerability by logging into the admin panel with the help of building URLs with .cgi...

CVE-2017-10813

CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...