44 matches found
CVE-2025-12296
The CVE-2025-12296 entry affects D-Link DAP-2695 model with firmware 2.00RC13. The vulnerability arises from the function sub_4174B0 in the Firmware Update Handler, enabling os command injection due to a manipulation. It can be triggered remotely, and the exploit has been publicly disclosed. The ...
PT-2025-43984
A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub 40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature ar...
PT-2025-43985
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub 4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may b...
D-Link DAP-2695 操作系统命令注入漏洞
The D-Link DAP-2695 is a high-performance dual-band wireless access point from China AUO D-Link. An OS command injection vulnerability exists in the D-Link DAP-2695 version 2.00RC13, which originates from the presence of os command injection in the function sub4174B0 in the Firmware Update Handle...
D-Link DAP-2695 Operating System Command Injection Vulnerability
The D-Link DAP-2695 is a high-performance dual-band wireless access point from China's AUO D-Link. The D-Link DAP-2695 version 2.00RC131 suffers from an operating system command injection vulnerability, which originates from the failure of the function fwupdatermain of the component Firmware Upda...
CVE-2025-11666
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...
EUVD-2025-34055
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...
EUVD-2025-34058
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...
CVE-2025-11666
A flaw has been found in Tenda RP3 Pro up to 22.5.7.93. This impacts an unknown function of the file forceupgrade.sh of the component Firmware Update Handler. Executing manipulation of the argument currentforceupgradepwd can lead to use of hard-coded password. The attack can only be executed...
CVE-2025-11665
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...
CVE-2025-11666
CVE-2025-11666 affects Tenda RP3 Pro firmware up to version 22.5.7.93. The vulnerability resides in the Firmware Update Handler’s force_upgrade.sh, where manipulating the current_force_upgrade_pwd argument can trigger use of a hard-coded password. Local attack required. Public exploit exists. Rem...
CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...
EUVD-2025-24945
Malicious code in bioql PyPI...
EUVD-2025-24943
Malicious code in bioql PyPI...
EUVD-2025-25639
Malicious code in bioql PyPI...
CVE-2025-9379
A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted...
CVE-2025-9379 Belkin AX1800 Firmware Update data authenticity
A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted...
CVE-2025-9379
This CVE concerns Belkin AX1800 router (firmware 1.1.00.016) with a vulnerability in the Firmware Update Handler. The issue is insufficient verification of data authenticity, enabling remote exploitation. Multiple connected sources corroborate that the vulnerability can be triggered remotely and ...
CVE-2025-8980
A vulnerability has been found in Tenda G1 16.01.7.83660. Affected by this issue is the function checkuploadfile of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is...
CVE-2025-8980
A vulnerability has been found in Tenda G1 16.01.7.83660. Affected by this issue is the function checkuploadfile of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is...