CVE-2019-19505

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or...

CVE-2019-19506

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot...

CVE-2019-19505

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or...

CVE-2019-19506

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot...

CVE-2019-16213

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system wi...

CVE-2019-16213

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system wi...

Code injection

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system wi...

CVE-2019-19505

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or...

CVE-2019-19505

CVE-2019-19505 affects the Tenda PA6 Wi‑Fi Powerline extender (firmware 1.0.1.21). The web UI’s Wireless section accepts a specially crafted hostname, triggering a stack-based buffer overflow that could allow remote code execution or crash. Threat analysis notes the flaw requires an authenticated...

CVE-2019-19506

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot...

CVE-2019-19506

The CVE-2019-19506 entry concerns the Tenda PA6 Wi‑Fi Powerline extender (version 1.0.1.21). The vulnerability resides in the homeplugd process and is triggered by sending a specially crafted UDP packet to cause a reboot (pre-auth Denial of Service). ThreatPost reports the device exposes a web UI...

CVE-2019-16213

CVE-2019-16213—Tenda PA6 Powerline extender is affected. The web server in firmware 1.0.1.21 allows an authenticated user to inject commands by changing the name of an attached PLC device, because the input is concatenated to a system command without validation, yielding root-level code execution...

CVE-2019-16213

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system wi...

NETGEAR R7800, PLW1000 and PLW1010 Buffer Overflow Vulnerability

NETGEAR R7800 and others are products of NETGEAR, Inc.NETGEAR R7800 is a wireless router.NETGEAR PLW1000 is a power line communication modem.NETGEAR PLW1010 is a power line communication modem.NETGEAR R7800 is a wireless router.NETGEAR PLW1010 is a wireless router. A buffer overflow vulnerability...

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution devolo dLAN 550 duo+ Starter Kit Remote Code Execution Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a...

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications devolo dLAN 550 duo+ Starter Kit Cross-Site Request Forgery Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter whi...

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution Vulnerability

Exploit for hardware platform in category web applications devolo dLAN 550 duo+ Starter Kit Remote Code Execution Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is...