CVE-2025-12210

CVE-2025-12210 affects Tenda O3, version 1.0.0.10(2478). The vulnerability is in the SetValue/GetValue handlers of the file /goform/AdvSetLanip, where the lanIp argument length is not properly validated, causing a stack-based buffer overflow. It can be triggered remotely and publicly available ex...

CVE-2025-11121 Tenda AC18 AdvSetLanip command injection

A security vulnerability has been detected in Tenda AC18 15.03.05.19. The impacted element is an unknown function of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and m...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

CVE-2017-8840

Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. A direct request to cgi-bin/HASync/hasync.cgi?debug=1 shows Master LAN Address, Serial Number, HA Group ID, Virtual IP, a...

[Full-Disclosure] Zonet ZSR1104WE Router problem

Zonet ZSR1104WE Router does not report inbound connections with their WAN ip address. All inbound connections are posted as the routers LAN address. This issue is a simple one. The ZSR1104WE router with the listed firmware / hardware will not report an inbound TCP/IP connections WAN address. We...