WAVLINK WN579X3 - Remote Command Execution

Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.cgi. id: CVE-2023-3380 info: name: WAVLINK WN579X3 - Remote Command Execution author: pussycat0x severity: critical description: | Remote Command Execution vulnerability in WAVLINK WN579X3 route...

EUVD-2023-40872

Malicious code in bioql PyPI...

The vulnerability of the web interface of D-Link DIR-300 and DIR-600 microprogrammed software routers allows a hacker to execute arbitrary commands.

The vulnerability of the web interfaces of D-Link DIR-300 and DIR-600 microprogrammed software routers is related to the failure to eliminate special elements used in the operating system’s processing of the pingIp parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVE-2013-10050

An OS command injection vulnerability exists in multiple D-Link routers confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13 via the authenticated toolsvct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid...

CVE-2023-50991

Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service DoS via the pingIp parameter in the pingSet function...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

The vulnerability of the cgiPingSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the cgiPingSet function Program:/bin/httpd in the Tenda W12 and i24 router microprogramming systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Tenda i29 安全漏洞

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a buffer overflow vulnerability that originates from the pingIp parameter in the pingSet function failing to properly validate the length of the input data, which can be exploited by a remote attacker to...

PT-2024-14039 · Tenda · Tenda I29

Name of the Vulnerable Software and Affected Versions: Tenda i29 versions 1.0 V1.0.0.2 through 1.0 V1.0.0.5 Description: The issue allows remote attackers to cause a denial of service DoS via the pingIp parameter in the pingSet function. This can lead to service disruption. Recommendations: For...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

Stack overflow

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

TOTOLINK CP300+ Buffer Error Vulnerability

The TOTOLINK CP300+ is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK CP300+ version V5.2cu.7594B20200910 and prior versions, which originates from the pingIp parameter in the function setDiagnosisCfg containing a stack overflow...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

PT-2023-25752 · Totolink · Totolink Cp300+

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ version 5.2cu.7594 B20200910 Description: A stack overflow issue was discovered via the pingIp parameter in the setDiagnosisCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK CP300+ version...

WAVLINK WN579X3 注入漏洞

WAVLINK WN579X3 is a wireless access point from China RuiYin Technology WAVLINK. An injection vulnerability exists in Wavlink WN579X3 versions prior to 20230615, which stems from a problem with the file /cgi-bin/adm.cgi, where incorrect manipulation of the parameter pingIp can lead to injection...

PT-2023-24503 · Wavlink · Wavlink Wn579X3

Name of the Vulnerable Software and Affected Versions: Wavlink WN579X3 versions up to 20230615 Description: A critical issue has been discovered, affecting an unknown function of the /cgi-bin/adm.cgi file in the Ping Test component. The manipulation of the pingIp argument leads to injection. This...

PT-2013-5932 · D Link · D-Link Dir-100

Name of the Vulnerable Software and Affected Versions: D-Link DIR-100 routers affected versions not specified Description: A stack-based buffer overflow issue exists in the RuntimeDiagnosticPing function, located in /bin/webs on D-Link DIR-100 routers. This could potentially allow remote...