Lucene search
+L

44 matches found

CVE
CVE
added 2025/10/27 4:32 p.m.17 views

CVE-2025-12296

The CVE-2025-12296 entry affects D-Link DAP-2695 model with firmware 2.00RC13. The vulnerability arises from the function sub_4174B0 in the Firmware Update Handler, enabling os command injection due to a manipulation. It can be triggered remotely, and the exploit has been publicly disclosed. The ...

9.8CVSS5.2AI score0.07031EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.10 views

PT-2025-43984

A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub 40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature ar...

7.5CVSS6.8AI score0.00411EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.9 views

PT-2025-43985

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub 4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may b...

5.8CVSS7AI score0.07031EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.10 views

D-Link DAP-2695 操作系统命令注入漏洞

The D-Link DAP-2695 is a high-performance dual-band wireless access point from China AUO D-Link. An OS command injection vulnerability exists in the D-Link DAP-2695 version 2.00RC13, which originates from the presence of os command injection in the function sub4174B0 in the Firmware Update Handle...

9.8CVSS5.5AI score0.07031EPSS
Exploits1References6
CNVD
CNVD
added 2025/10/17 12:0 a.m.2 views

D-Link DAP-2695 Operating System Command Injection Vulnerability

The D-Link DAP-2695 is a high-performance dual-band wireless access point from China's AUO D-Link. The D-Link DAP-2695 version 2.00RC131 suffers from an operating system command injection vulnerability, which originates from the failure of the function fwupdatermain of the component Firmware Upda...

9.8CVSS7.8AI score0.06812EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/14 7:42 a.m.4 views

CVE-2025-11666

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

8.4CVSS6.5AI score0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/13 9:30 a.m.5 views

EUVD-2025-34055

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

8.4CVSS6.3AI score0.00145EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/13 9:30 a.m.5 views

EUVD-2025-34058

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

5.8CVSS5AI score0.06812EPSS
Exploits1References6
NVD
NVD
added 2025/10/13 7:15 a.m.4 views

CVE-2025-11666

A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...

8.4CVSS0.00145EPSS
Exploits0References5
OSV
OSV
added 2025/10/13 7:15 a.m.5 views

CVE-2025-11665

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

9.8CVSS5.7AI score0.06812EPSS
Exploits1References5
CVE
CVE
added 2025/10/13 7:2 a.m.12 views

CVE-2025-11666

CVE-2025-11666 affects Tenda RP3 Pro firmware up to version 22.5.7.93. The vulnerability resides in the Firmware Update Handler’s force_upgrade.sh, where manipulating the current_force_upgrade_pwd argument can trigger use of a hard-coded password. Local attack required. Public exploit exists. Rem...

8.4CVSS6.3AI score0.00145EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/13 6:32 a.m.21 views

CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

5.8CVSS0.06812EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24945

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.00341EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24943

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.0042EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25639

Malicious code in bioql PyPI...

8.6CVSS7.1AI score0.0029EPSS
Exploits0References4
NVD
NVD
added 2025/08/24 7:15 a.m.3 views

CVE-2025-9379

A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted...

8.6CVSS0.0029EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/24 6:32 a.m.12 views

CVE-2025-9379 Belkin AX1800 Firmware Update data authenticity

A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted...

8.6CVSS0.0029EPSS
Exploits0References4
CVE
CVE
added 2025/08/24 6:32 a.m.21 views

CVE-2025-9379

This CVE concerns Belkin AX1800 router (firmware 1.1.00.016) with a vulnerability in the Firmware Update Handler. The issue is insufficient verification of data authenticity, enabling remote exploitation. Multiple connected sources corroborate that the vulnerability can be triggered remotely and ...

8.6CVSS7AI score0.0029EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/16 8:14 p.m.16 views

CVE-2025-8980

A vulnerability has been found in Tenda G1 16.01.7.83660. Affected by this issue is the function checkuploadfile of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is...

7.5CVSS7.1AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 8:15 p.m.8 views

CVE-2025-8980

A vulnerability has been found in Tenda G1 16.01.7.83660. Affected by this issue is the function checkuploadfile of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is...

7.5CVSS0.00341EPSS
Exploits0References7
Rows per page
Query Builder