8515 matches found
CVE-2022-26941
CVE-2022-26941 affects Motorola MTM5000 series firmware; the AT+CTGL command handler contains a format-string vulnerability where an attacker-controlled string can be misinterpreted, enabling a write-anything-anywhere condition and arbitrary code execution inside the teds_app binary that runs wit...
CVE-2022-26941 Format string vulnerability in AT+CTGL command in Motorola MTM5000
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the tedsapp...
Motorola MTM5000 Formatting String Error Vulnerability
The Motorola MTM5000 is a mobile radio from Motorola, USA. A security vulnerability exists in the Motorola MTM5000 that stems from a format string vulnerability in the AT+CTGL command in the command handler, which results in a write-anywhere scenario that can be exploited to obtain arbitrary code...
The vulnerability of the Advanced Open VPN function in the microprogramming software for Wi-Fi routers from ASUS, RT-AX88U, allows a intruder to gain unauthorized access to protected information and execute arbitrary code.
The vulnerability of the Advanced Open VPN function in the microprogramming software for Wi-Fi routers from ASUS, the RT-AX88U, is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected...
Format string
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
CVE-2023-41349 ASUS RT-AX88U - externally-controlled format string
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within its Advanced Open VPN function. An authenticated remote attacker can exploit the exported OpenVPN configuration to execute an externally-controlled format string attack, resulting in sensitivity...
CVE-2023-41349
CVE-2023-41349 affects ASUS RT-AX88U routers and involves an externally controllable format string vulnerability in the Advanced OpenVPN function. An authenticated remote attacker can exploit an exported OpenVPN configuration to trigger a format string attack, leading to sensitive information lea...
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...
CVE-2023-39239
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...
CVE-2023-39240
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...
CVE-2023-39240
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...
CVE-2023-39238
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution,...
CVE-2023-39239
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its setiperf3svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote...
Format string
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perfor...
CVE-2023-39240
CVE-2023-39240 affects ASUS RT-AX56U V2: a format string vulnerability in the iperf client API, caused by insufficient validation in set_iperf3_cli.cgi. A remote attacker with administrator privileges could achieve remote code execution or service disruption. Exploitation details are not provided...
CVE-2023-39240 ASUS RT-AX55、RT-AX56U_V2 - Format String - 3
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...
CVE-2023-39240 ASUS RT-AX55、RT-AX56U_V2 - Format String - 3
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its setiperf3cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remo...