The vulnerability of the pureauthcheck function in the HTTP POST Request Handler of the microprogramming-based wireless access point D-Link DAP-1562 allows a intruder to cause a service failure.

The vulnerability of the HTTP POST Request Handler component of the pureauthcheck function in the wireless access point software of D-Link DAP-1562 is related to the manipulation of the null pointer. Exploiting this vulnerability could allow a malicious actor to cause service failure...

PT-2025-20663 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: LmxCMS version 1.41 Description: A critical issue has been found in the function manageZt of the file cadminZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to SQL injection. It is possib...

CVE-2025-4487

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=deletemember. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit...

PT-2025-22309 · Linksys · Linksys Fgw3000-Hk +1

Name of the Vulnerable Software and Affected Versions: Linksys FGW3000-AH and FGW3000-HK versions up to 1.0.17.000000 Description: A critical issue was found, affecting the function sub 4153FC of the file /cgi-bin/sysconf.cgi in the HTTP POST Request Handler component. The manipulation of the...

PT-2025-22310 · Linksys · Linksys Fgw3000-Hk +1

Name of the Vulnerable Software and Affected Versions: Linksys FGW3000-AH and FGW3000-HK versions up to 1.0.17.000000 Description: A critical issue affects the control panel sw function of the /cgi-bin/sysconf.cgi file in the HTTP POST Request Handler component. The manipulation of the filename...

CVE-2025-3854

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/EditListSSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argume...

CVE-2025-3854

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/EditListSSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argume...

PT-2025-17476 · H3C · H3C Gr-3000Ax

Name of the Vulnerable Software and Affected Versions: H3C GR-3000AX versions up to V100R006 Description: A critical vulnerability was found in the HTTP POST Request Handler component of H3C GR-3000AX. The affected function is EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit Li...

CVE-2025-3546

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POS...

CVE-2025-3542

A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGIWizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command...

CVE-2025-3546

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGICheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POS...

CVE-2025-3543

A vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014 and classified as critical. This vulnerability affects the function FCGIWizardProtoProcess of the file /api/wizard/setsyncpppoecfg of the component HTTP POST Request Handler. The...

CVE-2025-3542 H3C Magic NX15/Magic NX400/Magic R3010 HTTP POST Request getsyncpppoecfg FCGI_WizardProtoProcess command injection

A vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGIWizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command...

CVE-2025-3541 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injection

A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGIWizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The...

CVE-2025-3541

The CVE-2025-3541 issue affects H3C Magic NX15, NX30 Pro, NX400, and R3010 up to V100R014. The vulnerability resides in the FCGI_WizardProtoProcess function of /api/wizard/getSpecs (HTTP POST Request Handler). Exploitation leads to command injection and requires access from the local network. Mul...

CVE-2025-3541 H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 HTTP POST Request getSpecs FCGI_WizardProtoProcess command injection

A vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGIWizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The...

PT-2025-16189 · H3C · H3C Magic Be18000 +4

Name of the Vulnerable Software and Affected Versions: H3C Magic NX15 versions up to V100R014 H3C Magic NX30 Pro versions up to V100R014 H3C Magic NX400 versions up to V100R014 H3C Magic R3010 versions up to V100R014 H3C Magic BE18000 versions up to V100R014 Description: A critical vulnerability...

CVE-2025-3405

A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /rest/cliente/ObterPedido/ of the component HTTP GET Request Handler. The manipulation of the argument ORDERID leads ...

CVE-2025-3405

A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /rest/cliente/ObterPedido/ of the component HTTP GET Request Handler. The manipulation of the argument ORDERID leads ...

CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...