CVE-2026-7244 Totolink A8000RU CGI cstecgi.cgi setWiFiEasyGuestCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge results in os command injection. It is possible to launch the...

CVE-2021-27700

SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized customer with partner mode can switch to another customer dashboard and perform actions like modify user, delete user, etc...

CVE-2026-4163

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

EUVD-2026-12204

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

Wavlink WL-WN578W2 命令注入漏洞

Wavlink WL-WN578W2 is a wireless repeater produced by Wavlink Corporation. The Wavlink WL-WN578W2 version 221110 contains a command injection vulnerability. This vulnerability arises from improper handling of parameters for the functions DeleteMaclist/SetName/GuestWifi in the...

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

PT-2026-25538

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function Delete Mac list/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit...

CVE-2026-4163 Wavlink WL-WN579A3 POST Request wireless.cgi GuestWifi command injection

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

CVE-2026-4163

CVE-2026-4163 – Wavlink WL-WN579A3 : A command-injection vulnerability affects the POST Request Handler in /cgi-bin/wireless.cgi (SetName/GuestWifi). Manipulating inputs can trigger remote code execution with high impact to confidentiality, integrity, and availability. Exploit maturity is shown a...

CVE-2026-1155 Totolink LR350 cstecgi.cgi setWiFiEasyGuestCfg buffer overflow

A vulnerability was found in Totolink LR350 9.3.5u.6369B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been ma...

CVE-2021-27701

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery CSRF via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request...

EUVD-2025-27374

Malicious code in bioql PyPI...

CVE-2025-57070

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57070

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57070

Affects: Tenda G3 router (firmware 3.0br_V15.11.0.17). Vulnerability: A stack overflow in the gstUp parameter within the guestWifiRuleRefresh function. Impact: Denial of Service via a crafted request; attacker needs network access and no authentication required per CVSS vector. Root cause: insuff...

PT-2025-36897

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0br V15.11.0.17 Description: The Tenda G3 router contains a stack overflow in the gstUp parameter within the guestWifiRuleRefresh function. This issue allows attackers to cause a Denial of Service DoS through a crafted...

CVE-2025-3664

A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u.5822B20200513. Affected is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has be...

CVE-2021-27701

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery CSRF via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request...