Lucene search
K

59 matches found

OSV
OSV
added 2026/01/28 10:15 p.m.5 views

CVE-2026-1544

A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...

8.8CVSS5.6AI score0.03348EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.9 views

PT-2026-6969

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in the D-Link DIR-823X firmware. This issue affects the sub 420688 function within the /goform/set qos file, potentially allowing for operating system command injection. The attack can b...

9CVSS5.5AI score0.05687EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.13 views

PT-2026-6983

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...

9CVSS5.7AI score0.03818EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/01/14 12:0 a.m.14 views

PT-2026-5227

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue is related to the sub 41E2A0 function within the /goform/set mode file. Manipulation of the lan gateway argument can lead to operati...

8.8CVSS6.5AI score0.03348EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2025/10/27 6:22 a.m.4 views

CVE-2025-12235 Tenda CH22 SetIpBind fromSetIpBind buffer overflow

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be...

8.6CVSS6.5AI score0.04866EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-24100

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.07659EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-27592

Malicious code in bioql PyPI...

5.6CVSS6.5AI score0.0019EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26132

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.06729EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-31457

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.04125EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/28 12:0 a.m.5 views

PT-2025-39759

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X 250416 that allows remote command injection. The issue is located in an unknown function of the file /goform/set device name. Manipulating the mac argument can trigger...

8.8CVSS6.3AI score0.04125EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/09/28 12:0 a.m.6 views

PT-2025-39755

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in the D-Link DIR-823X, specifically within the sub 412E7C function located in the /goform/set switch settings file. Manipulation of the port argument can lead to command injection. This...

8.8CVSS6.4AI score0.04125EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.8 views

PT-2025-39007

The LB-Link routers, including the BL-AC2100 AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000 AE4 v2.4.9, BL-AC1900 AZ2 v1.0.2, BL-X26 AC8 v1.2.8, and BL-LTE300 DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set serial...

7.4AI score0.01205EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/12 12:20 a.m.14 views

CVE-2025-57570

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS...

5.6CVSS7.2AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/12 12:20 a.m.13 views

CVE-2025-57573

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...

5.6CVSS7.2AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/12 12:0 a.m.4 views

Tenda F3 goform/setWifi file buffer overflow vulnerability

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the goform/setWifi file failing to properly validate the length size of the input data, which can be exploited by an...

5.6CVSS7.3AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2025/09/10 4:15 p.m.11 views

CVE-2025-57573

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...

5.6CVSS0.00205EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.5 views

Tenda F3 安全漏洞

Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the QosList parameter of the goform/setQoS file failing to properly validate the length size of the input data, which can...

5.6CVSS7.3AI score0.0019EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/10 12:0 a.m.8 views

CVE-2025-57573

Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...

0.00205EPSS
Exploits0References1
CVE
CVE
added 2025/09/10 12:0 a.m.24 views

CVE-2025-57573

CVE-2025-57573 affects Tenda F3 routers (V12.01.01.48 and later) via goform/setWifi, where an input length validation issue in the wifiTimeClose parameter can trigger a buffer overflow. Documented impact is denial of service; exploitability details are not provided in the core sources, but PT-202...

5.6CVSS6.6AI score0.00205EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/08/28 7:15 p.m.6 views

CVE-2025-9580

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

8.8CVSS5.6AI score0.06729EPSS
Exploits1References5
Rows per page
Query Builder