Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.5 views

CVE-2026-7692

A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03191EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.13 views

PT-2026-35274

Name of the Vulnerable Software and Affected Versions D-Link DIR-822 A 101 Description A command injection issue exists in the udhcpd DHCP Service within the system function of the /udhcpcd/dhcpd.c file. A remote attacker can exploit this by manipulating the Hostname argument to execute arbitrary...

7.5CVSS7.8AI score0.02476EPSS
Exploits1References12
NVD
NVD
added 2026/04/10 5:16 a.m.3 views

CVE-2026-6013

A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The explo...

9CVSS0.0074EPSS
Exploits1References5
NVD
NVD
added 2025/12/12 4:15 p.m.13 views

CVE-2025-14567

A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has...

7.5CVSS0.00684EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/08 10:32 a.m.6 views

EUVD-2025-201706

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...

5.1CVSS5.1AI score0.00195EPSS
Exploits0References5
NVD
NVD
added 2025/11/15 7:15 a.m.6 views

CVE-2025-13191

A vulnerability was determined in D-Link DIR-816L 206b09beta. This issue affects the function soapcgimain of the file /soap.cgi. This manipulation causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This...

9.8CVSS0.00805EPSS
Exploits1References5
NVD
NVD
added 2025/11/14 11:15 p.m.4 views

CVE-2025-13188

A vulnerability was detected in D-Link DIR-816L 206b09beta. Affected by this vulnerability is the function authenticationcgimain of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible...

10CVSS0.02243EPSS
Exploits1References5
NVD
NVD
added 2025/09/18 1:15 p.m.6 views

CVE-2025-10666

A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub4106d4 of the file apply.cgi. The manipulation of the argument countdowntime results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

9.8CVSS0.03039EPSS
Exploits3References7
OSV
OSV
added 2025/07/29 6:15 p.m.1 views

CVE-2025-53715

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wan6to4TunnelCfgRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The...

7.5CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:38 a.m.9 views

CVE-2024-4960

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthorization.php. The manipulation of the argument fileupload leads to unrestricted upload. It is possible to...

6.5CVSS6.5AI score0.02311EPSS
Exploits0
CVE
CVE
added 2024/12/09 1:23 p.m.55 views

CVE-2024-8259

The CVE-2024-8259 entry concerns an SQL Injection in Eryaz Information Technologies’ NatraCar B2B Dealer Management Program. The issue stems from improper neutralization of special elements in SQL commands, enabling unauthenticated SQL injection prior to an end-of-life date (through 09.12.2024). ...

9.8CVSS5.8AI score0.00425EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-17404 · Xpodas · Octopod

Name of the Vulnerable Software and Affected Versions: Octopod versions prior to v1 Description: The issue affects XPodas Octopod, allowing authentication bypass by primary weakness. This vulnerability enables unauthorized access. The vendor was contacted, and it was learned that the product is n...

9.8CVSS7.1AI score0.00894EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/31 12:0 a.m.4 views

PT-2023-4037 · D Link · D-Link Dir-859

Name of the Vulnerable Software and Affected Versions: D-Link DIR-859 versions FW105b03 Description: The issue is related to an authentication bypass in the D-Link DIR-859 router's firmware, specifically affecting the phpcgi main function. This allows remote attackers to gain escalated privileges...

9.8CVSS5.9AI score0.01103EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/03/28 8:45 p.m.28 views

CVE-2017-20011 WEKA INTEREST Security Scanner HTTP denial of service

A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. Th...

2.8CVSS5.4AI score0.00218EPSS
Exploits0References2
Rows per page
Query Builder