59 matches found
CVE-2026-1544
A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...
PT-2026-6969
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in the D-Link DIR-823X firmware. This issue affects the sub 420688 function within the /goform/set qos file, potentially allowing for operating system command injection. The attack can b...
PT-2026-6983
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue resides within the Configuration Handler component, specifically in the function sub 4208A0 located in the file /goform/set dmz...
PT-2026-5227
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security flaw exists in D-Link DIR-823X version 250416. The issue is related to the sub 41E2A0 function within the /goform/set mode file. Manipulation of the lan gateway argument can lead to operati...
CVE-2025-12235 Tenda CH22 SetIpBind fromSetIpBind buffer overflow
A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be...
EUVD-2025-24100
Malicious code in bioql PyPI...
EUVD-2025-27592
Malicious code in bioql PyPI...
EUVD-2025-26132
Malicious code in bioql PyPI...
EUVD-2025-31457
Malicious code in bioql PyPI...
PT-2025-39759
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X 250416 that allows remote command injection. The issue is located in an unknown function of the file /goform/set device name. Manipulating the mac argument can trigger...
PT-2025-39755
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in the D-Link DIR-823X, specifically within the sub 412E7C function located in the /goform/set switch settings file. Manipulation of the port argument can lead to command injection. This...
PT-2025-39007
The LB-Link routers, including the BL-AC2100 AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000 AE4 v2.4.9, BL-AC1900 AZ2 v1.0.2, BL-X26 AC8 v1.2.8, and BL-LTE300 DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set serial...
CVE-2025-57570
Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS...
CVE-2025-57573
Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...
Tenda F3 goform/setWifi file buffer overflow vulnerability
Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the goform/setWifi file failing to properly validate the length size of the input data, which can be exploited by an...
CVE-2025-57573
Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...
Tenda F3 安全漏洞
Tenda F3 is a 300M wireless router launched on May 15, 2015 by Shenzhen Jixiang Tenda Technology Co. Tenda F3 suffers from a buffer overflow vulnerability that originates from the QosList parameter of the goform/setQoS file failing to properly validate the length size of the input data, which can...
CVE-2025-57573
Tenda F3 V12.01.01.48multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi...
CVE-2025-57573
CVE-2025-57573 affects Tenda F3 routers (V12.01.01.48 and later) via goform/setWifi, where an input length validation issue in the wifiTimeClose parameter can trigger a buffer overflow. Documented impact is denial of service; exploitability details are not provided in the core sources, but PT-202...
CVE-2025-9580
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...