40942 matches found
CVE-2026-9464 YunaiV yudao-cloud Admin API Endpoint create IotDataSinkHttpConfig server-side request forgery
A vulnerability has been found in YunaiV yudao-cloud 2026.03. This affects the function IotDataSinkHttpConfig of the file /admin-api/iot/data-sink/create of the component Admin API Endpoint. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit h...
CVE-2026-9464
A vulnerability has been found in YunaiV yudao-cloud 2026.03. This affects the function IotDataSinkHttpConfig of the file /admin-api/iot/data-sink/create of the component Admin API Endpoint. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit h...
CVE-2026-9463 Edimax EW-7438RPn formLicence stack-based overflow
A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be use...
CVE-2026-9463 Edimax EW-7438RPn formLicence stack-based overflow
A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be use...
CVE-2026-9463
Edimax EW-7438RPn (firmware 1.31) is affected by a stack-based overflow in the formLicence function (/goform/formLicence). The input submission is manipulated to trigger overflow, enabling a remote attack. Exploit code has been published. Vendor contact did not yield a response. The provided mate...
CVE-2026-9462
Technical details are not publicly available in the provided documents. Monitor for updates from vendors and CVE repositories.
CVE-2026-9453
A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...
CVE-2026-9461 Edimax EW-7438RPn formRadius stack-based overflow
A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly...
EUVD-2026-31680
A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly...
CVE-2026-9461
A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly...
CVE-2026-9461
Edimax EW-7438RPn (v1.31) is affected by a stack-based overflow in the formRadius function located in /goform/formRadius. The vulnerability is triggered by manipulating the submit-url argument, enabling a remote attacker to exploit it. Public exploit details exist, and the vendor was contacted bu...
CVE-2026-9461 Edimax EW-7438RPn formRadius stack-based overflow
A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly...
CVE-2026-9460 Edimax EW-7438RPn formAccept stack-based overflow
A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made...
CVE-2026-9459 Edimax EW-7438RPn formConnectionSetting stack-based overflow
A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument maxConn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotel...
CVE-2026-9458 Totolink A8000RU Web Management cstecgi.cgi setWanCfg os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...
CVE-2026-9457
A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible...
CVE-2026-9457 Totolink A8000RU Web Management cstecgi.cgi UploadFirmwareFile os command injection
A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible...
CVE-2026-9456 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCfg os command injection
A vulnerability was found in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enabled results in os command injection. The attack can be executed remotely. The...
CVE-2026-9455
CVE-2026-9455 affects Totolink A8000RU Web Management, specifically the UploadOpenVpnCert function in /cgi-bin/cstecgi.cgi. The vulnerability stems from manipulating the FileName argument, causing a remote OS command injection with network access, and a public exploit is indicated (exploit maturi...
CVE-2026-9453 FoundDream miniclawd SkillsLoader skills-loader.ts which command injection
A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...