1163 matches found
CVE-2026-10655
The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...
EUVD-2026-39862
Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...
CVE-2026-32833
CVE-2026-32833 affects Cudy LT300 3.0 firmware prior to 2.5.12. The vulnerability arises in the system time configuration interface, where an authenticated attacker can inject shell metacharacters into the cbid.system.ntp.current POST parameter via the NTP settings endpoint, enabling remote code ...
Astra Linux – Vulnerability in NTP
In ntp 4.2.8p10, 4.2.8p11, 4.2.8p12, and 4.2.8p13, remote attackers can prevent a broadcast client from synchronizing its clock with a broadcast NTP server through soofed modes 3 and 5. The attacker must either be part of the same broadcast network or control a slave device in that broadcast...
CVE-2026-7418
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...
Astra Linux – Vulnerability in NTP
The praecisparse function in ntpd/refclockpalisade.c, within NTP 4.2.8p15, contains an out-of-bounds write vulnerability. Any attack method would be complex, for example, using a manipulated GPS receiver...
Astra Linux – Vulnerability in NTP
In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...
Astra Linux – Vulnerability in NTP
In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...
Astra Linux – Vulnerability in NTP
In the file libntp/mstolfp.c, within the NTP 4.2.8p15 version, there is a buffer overflow vulnerability when adding a decimal point. An attacker may be able to exploit a client ntpq process, but they cannot exploit ntpd...
Astra Linux – Vulnerability in NTP
In NTP versions 4.2.8, 4.2.8p15, and 4.3.x, before 4.3.101, remote attackers could cause a denial of service memory consumption by sending packets. This occurs because memory is not released in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file...
Astra Linux – Vulnerability in NTP
In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, remote attackers could exploit this vulnerability to cause a denial of service—resulting in the daemon exiting or the system time being changed. This was possible by predicting the transmit timestamps used in forged packets. The victim w...
Astra Linux – Vulnerability in NTP
In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
EUVD-2026-30044
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...
CVE-2026-36741
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...
U-SPEED AC1200 安全漏洞
The U-SPEED AC1200 is a Gigabit dual-band Wi-Fi router produced by the U-SPEED company. The U-SPEED AC1200 T18-21K V1.0 version contains a security vulnerability. This vulnerability arises from the incorrect handling of user input in the NTP configuration interface. As a result, authenticated use...
PT-2026-40706
Name of the Vulnerable Software and Affected Versions U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K version 1.0 Description The Network Time Protocol NTP configuration interface fails to properly sanitize user-supplied input. An authenticated user with permissions to modify NTP settings can...
CVE-2026-36741
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...
CVE-2026-36741
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...
CVE-2026-36741
U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...
CLSA-2026-1777453146 ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...