EUVD-2026-26775

A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...

PT-2026-36585

A weakness has been identified in TRENDnet TEW-821DAP 1.12B01. This issue affects the function find hwid/new gui update firmware of the component Firmware Update Handler. Executing a manipulation of the argument dest can lead to insufficient verification of data authenticity. The attack can be...

CVE-2025-12295

CVE-2025-12295 affects D-Link DAP-2695 with firmware version 2.00RC13. The vulnerability is in the Firmware Update Handler’s function sub_40C6B8, where manipulated submissions can bypass cryptographic signature verification. The issue can be exploited remotely; exploitation complexity is noted as...

EUVD-2025-34058

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

CVE-2025-11665

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

CVE-2025-11665

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

CVE-2025-11665 D-Link DAP-2695 Firmware Update rgbin fwupdater_main os command injection

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdatermain of the file rgbin of the component Firmware Update Handler. Performing manipulation results in os command injection. The attack may be initiated remotely. This vulnerability only affects products th...

CVE-2025-11665

The CVE-2025-11665 issue affects D-Link DAP-2695 (firmware version 2.00RC131). The root cause is in the fwupdater_main function of the rgbin component within the Firmware Update Handler, where input handling allows os command injection. The vulnerability can be triggered remotely and may lead to ...

PT-2025-41759

Name of the Vulnerable Software and Affected Versions D-Link DAP-2695 version 2.00RC131 Description A flaw exists in the D-Link DAP-2695 related to the Firmware Update Handler component. Specifically, the fwupdater main function within the rgbin file is susceptible to os command injection. This...

CVE-2025-8979

A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function checkfwtype/splitfireware/checkfw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The...

Insyde InsydeH2O kernel 安全漏洞

Insyde InsydeH2O kernel is a program kernel for updating computer BIOS from Insyde, a Chinese company. A security vulnerability exists in Insyde InsydeH2O kernel versions prior to 5.7 05.70.50, which is caused by a buffer over-read...

PT-2024-35364 · Dell · Dell Client Platform Firmware Update Utility

Name of the Vulnerable Software and Affected Versions: Dell Client Platform Firmware Update Utility affected versions not specified Description: The issue is related to an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this...

CVE-2023-32658

Unquoted search path in some IntelR NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool 安全漏洞

Lenovo ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool is a firmware update tool from Lenovo China. A security vulnerability exists in the ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool, which originated from a vulnerability that allows an attacker with local access...

PT-2023-36149 · Fwupd · Fwupd

Name of the Vulnerable Software and Affected Versions: fwupd affected versions not specified Description: The issue is related to the secure boot key. The package has been rebuilt with a new secure boot key. Recommendations: At the moment, there is no information about a newer version that contai...

rpi-update tmpfile vulnerability

Raspberry Pi Firmware Updater Vulnerability Application: https://github.com/Hexxeh/rpi-update/ Version Tested: Github source as of 10ad1e975a 10th Feb commit Vulnerability 1: A malicious user can clobber any file due to insecure tmp file handling. Example: Any unprivileged user can create the...

Raspberry Pi Firmware Updater File Clobber

Raspberry Pi Firmware Updater Vulnerability Application: https://github.com/Hexxeh/rpi-update/ Version Tested: Github source as of 10ad1e975a 10th Feb commit Vulnerability 1: A malicious user can clobber any file due to insecure tmp file handling. Example: Any unprivileged user can create the...