14 matches found
CVE-2026-7692
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...
PT-2026-35274
Name of the Vulnerable Software and Affected Versions D-Link DIR-822 A 101 Description A command injection issue exists in the udhcpd DHCP Service within the system function of the /udhcpcd/dhcpd.c file. A remote attacker can exploit this by manipulating the Hostname argument to execute arbitrary...
CVE-2026-6013
A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The explo...
CVE-2025-14567
A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has...
EUVD-2025-201706
A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...
CVE-2025-13191
A vulnerability was determined in D-Link DIR-816L 206b09beta. This issue affects the function soapcgimain of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This...
CVE-2025-13188
A vulnerability was detected in D-Link DIR-816L 206b09beta. Affected by this vulnerability is the function authenticationcgimain of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible...
CVE-2025-10666
A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub4106d4 of the file apply.cgi. The manipulation of the argument countdowntime results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...
CVE-2025-53715
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wan6to4TunnelCfgRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The...
CVE-2024-4960
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument fileupload leads to unrestricted upload. It is possible to...
CVE-2024-8259
The CVE-2024-8259 entry concerns an SQL Injection in Eryaz Information Technologies’ NatraCar B2B Dealer Management Program. The issue stems from improper neutralization of special elements in SQL commands, enabling unauthenticated SQL injection prior to an end-of-life date (through 09.12.2024). ...
PT-2024-17404 · Xpodas · Octopod
Name of the Vulnerable Software and Affected Versions: Octopod versions prior to v1 Description: The issue affects XPodas Octopod, allowing authentication bypass by primary weakness. This vulnerability enables unauthorized access. The vendor was contacted, and it was learned that the product is n...
PT-2023-4037 · D Link · D-Link Dir-859
Name of the Vulnerable Software and Affected Versions: D-Link DIR-859 versions FW105b03 Description: The issue is related to an authentication bypass in the D-Link DIR-859 router's firmware, specifically affecting the phpcgi main function. This allows remote attackers to gain escalated privileges...
CVE-2017-20011 WEKA INTEREST Security Scanner HTTP denial of service
A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. Th...