Lucene search
K

1500 matches found

Vulnrichment
Vulnrichment
added 2026/05/04 9:0 a.m.6 views

CVE-2026-7750 Totolink N300RH POST Request cstecgi.cgi setMacFilterRules buffer overflow

A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...

9CVSS6.2AI score0.00463EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 9:0 a.m.11 views

EUVD-2026-26942

A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...

9CVSS6.2AI score0.00463EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 9:0 a.m.8 views

CVE-2026-7750

A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...

9CVSS7.8AI score0.00463EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 9:0 a.m.48 views

CVE-2026-7750 Totolink N300RH POST Request cstecgi.cgi setMacFilterRules buffer overflow

A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...

9CVSS0.00463EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.11 views

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability stems from the function setMacFilterRules in the POST Request Handler component’s file /cgi-bin/cstecgi.cgi,...

9CVSS7.9AI score0.00463EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/29 6:35 p.m.5 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

7.1CVSS5.3AI score0.00177EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/29 6:35 p.m.31 views

CVE-2026-7422 MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection...

7.1CVSS0.00177EPSS
Exploits0References4
CVE
CVE
added 2026/04/29 6:35 p.m.16 views

CVE-2026-7422

CVE-2026-7422 affects FreeRTOS-Plus-TCP; insufficient packet validation in IPv4/IPv6 processing (before V4.2.6 and V4.4.1) allows an adjacent attacker to bypass checksum and minimum-size checks by spoofing the Ethernet source MAC to a local endpoint, since loopback-detection skips validation for ...

7.1CVSS5.3AI score0.00177EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.3 views

Juniper Junos OS Vulnerability (JSA73154)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73154 advisory. - An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a...

6.1CVSS5.9AI score0.00167EPSS
Exploits0References6
NVD
NVD
added 2026/04/28 10:16 p.m.4 views

CVE-2026-41446

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the devi...

9.8CVSS0.00433EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/28 9:15 p.m.39 views

CVE-2026-41446 WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the devi...

9.8CVSS0.00433EPSS
Exploits0References1
CVE
CVE
added 2026/04/28 9:15 p.m.26 views

CVE-2026-41446

The affected product is the Snap One WattBox 800 and 820 series running firmware

9.8CVSS5.6AI score0.00433EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/28 9:15 p.m.3 views

CVE-2026-41446 WattBox 800 & 820 Series < 2.10.0.0 RCE via Diagnostic Endpoints

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the devi...

9.8CVSS5.6AI score0.00433EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.10 views

PT-2026-35820

Name of the Vulnerable Software and Affected Versions Snap One WattBox 800 and 820 series versions prior to 2.10.0.0 Description Undisclosed diagnostic HTTP endpoints require only the device MAC address and service tag for authentication. Both values are printed in plaintext on the physical devic...

9.8CVSS6.1AI score0.00433EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013853 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix use-after-free We've already freed the assocdata at this point, so need to us...

7.8CVSS5.7AI score0.00143EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011044 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed...

5.9AI score0.00225EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.7 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : NetworkManager (SUSE-SU-2026:1443-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1443-1 advisory. This update for NetworkManager fixes the following issue: Security fixes: - CVE-2025-9615: Fixed non-admi...

3.3CVSS5.8AI score0.00162EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/04/17 2:40 p.m.7 views

Security update for NetworkManager

This update for NetworkManager fixes the following issue: Security fixes: CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: Don't renew DHCP lease when software devices' MAC is empty bsc1225498. Patch Instructions: To install this SUSE update use the SUSE...

5.5CVSS5.7AI score0.00162EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/05 9:30 p.m.5 views

EUVD-2019-20052

a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...

6.8CVSS6.2AI score0.00138EPSS
Exploits0References4
NVD
NVD
added 2026/04/05 9:16 p.m.6 views

CVE-2019-25658

a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...

6.8CVSS0.00138EPSS
Exploits0References3
Rows per page
Query Builder