Lucene search
K

592 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.6 views

CVE-2026-7685

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor...

9CVSS7.7AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 7:16 a.m.20 views

CVE-2026-7685

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor...

9CVSS0.00481EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/03 7:0 a.m.39 views

CVE-2026-7685 Edimax BR-6208AC setWAN buffer overflow

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor...

9CVSS0.00481EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/03 6:45 a.m.13 views

EUVD-2026-26822

A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be...

9CVSS6.2AI score0.00481EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/03 6:30 a.m.6 views

CVE-2026-7683 Edimax BR-6428nC Web setWAN command injection

A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS5.5AI score0.01543EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/03 6:30 a.m.7 views

CVE-2026-7683

A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/03 1:30 a.m.6 views

CVE-2026-7674 Shenzhen Libituo Technology LBT-T300-HW1 Web Management start_single_service buffer overflow

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.10 views

EDIMAX BR-6208AC 缓冲区错误漏洞

The EDIMAX BR-6208AC is a wireless broadband router produced by Edimax Corporation of Taiwan. Versions of the Edimax BR-6208AC prior to 1.02 contained a buffer overflow vulnerability. This vulnerability stemmed from an unknown function in the file/goform/setWAN, which handled the parameter...

9CVSS7.8AI score0.00481EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.18 views

PT-2026-36674

Name of the Vulnerable Software and Affected Versions Edimax BR-6428nC versions prior to 1.17 Description A buffer overflow can be triggered remotely via an unknown function within the '/goform/setWAN' endpoint. This occurs through the manipulation of the pptpDfGateway argument. Recommendations A...

9CVSS7.3AI score0.00481EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.10 views

CVE-2026-7054

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS8.7AI score0.00655EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/27 2:45 a.m.4 views

CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS8.7AI score0.00641EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 2:45 a.m.5 views

CVE-2026-7080

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS8.7AI score0.00641EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/27 2:45 a.m.30 views

CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS0.00641EPSS
Exploits1References5
CVE
CVE
added 2026/04/27 2:45 a.m.15 views

CVE-2026-7080

This CVE affects Tenda F456 devices running version 1.0.0.5, where the httpd component’s file /goform/PPTPUserSetting contains the function fromPPTPUserSetting. The vulnerability arises from manipulation of the delno argument, leading to a buffer overflow. The issue is exploitable remotely and ha...

9CVSS8.7AI score0.00641EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

Tenda F456 缓冲区错误漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter delno in the fromPPTPUserSetting function within the httpd component’s...

9CVSS7.5AI score0.00641EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/26 4:45 p.m.38 views

CVE-2026-7054 Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS0.00655EPSS
Exploits1References5
NVD
NVD
added 2026/04/26 12:16 p.m.10 views

CVE-2026-7037

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS0.01785EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/26 11:45 a.m.3 views

CVE-2026-7037 Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS8.2AI score0.01785EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/26 11:45 a.m.45 views

CVE-2026-7037 Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed...

10CVSS0.01785EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/20 9:30 a.m.6 views

EUVD-2026-23784

A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...

9.4CVSS6.2AI score0.01451EPSS
Exploits1References2
Rows per page
Query Builder