CVE-2026-5184

A vulnerability was identified in TRENDnet TEW-713RE up to 1.02. The impacted element is an unknown function of the file /goform/setSysAdm. The manipulation of the argument admuser leads to command injection. The attack can be initiated remotely. The exploit is publicly available and might be use...

CVE-2026-2182

A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to th...

CVE-2026-2182

UTT 进取 521G 3.1.1-190816 is affected by a vulnerability in the doSystem function of /goform/setSysAdm. Manipulating the passwd1 argument can trigger a command injection, potentially allowing remote code execution. Reported publicly; attack vector is NETWORK with LOW attack complexity and HIGH pri...

EUVD-2026-5768

A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to th...

EUVD-2025-25877

Malicious code in bioql PyPI...

CVE-2025-9526

A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rmport leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2025-9526 Linksys E1700 setSysAdm stack-based overflow

A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rmport leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2025-9526

Linksys E1700 router vulnerability CVE-2025-9526 in the setSysAdm function (/goform/setSysAdm). The rm_port argument manipulation causes a stack-based buffer overflow, enabling remote code execution. Exploitation has been disclosed publicly and the vendor has not responded in documented sources. ...

PT-2025-34861

Name of the Vulnerable Software and Affected Versions: Linksys E1700 version 1.0.0.4.003 Description: A stack-based buffer overflow exists in the setSysAdm function of the /goform/setSysAdm file. Manipulation of the rm port argument can trigger this issue, allowing for remote code execution. The...

CVE-2025-9358

A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setSysAdm of the file /goform/setSysAdm. The manipulation of the argument admpasshint results in...

UTT Progressive 750W Unauthenticated Password Change Vulnerability

The UTT Progress 750W is an enterprise-grade dual-band wireless router from Atech Technology UTT, which is aimed at SMB network environments. The UTT Progress 750W suffers from an unauthenticated password change vulnerability, which originates from an unauthenticated password change due to...

CVE-2025-6098

A vulnerability was found in UTT 进取 750W up to 5.0. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the component API. The manipulation of the argument passwd1 leads to buffer overflow. It is possible to initiate the attack remotely. The explo...

UTT 750W 安全漏洞

The UTT Progress 750W is an enterprise-grade dual-band wireless router from Atech Technology UTT, which is aimed at SMB network environments. The UTT Progress 750W suffers from an unauthenticated password change vulnerability, which originates from an unauthenticated password change due to...

CVE-2022-28915

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

VulnCheck KEV: CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...

CVE-2022-42999

D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities via the admuser and admpass parameters at /goform/setSysAdm...

PT-2022-5271 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to command injection vulnerabilities. These vulnerabilities can be exploited via the admuser and admpass parameters at the "/goform/setSysAdm" API endpoint. The vulnerabilit...

CVE-2022-28915

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm...

Belkin LINKSYS RE6500 Remote Code Execution Vulnerability

The Linksys RE6500 is an AC1200 dual-band WiFi extender from Belkin. A remote code execution vulnerability exists in Belkin LINKSYS RE6500 versions prior to 1.0.012.001. A remote attacker can exploit the vulnerability by using shell metacharacters on the goform/setSysAdm page to execute arbitrary...

CVE-2020-35713

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page...