CVE-2024-7707

A vulnerability was found in Tenda FH1206 02.03.01.35 and classified as critical. Affected by this issue is the function formSafeEmailFilter of the file /goform/SafeEmailFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow...

CVE-2024-1197

A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial Page Manager 1.0. This issue affects some unknown processing of the file delete-testimonial.php of the component HTTP GET Request Handler. The manipulation of the argument testimony leads to sql...

CVE-2024-13200

A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInterceptor.java of the component HTTP POST Request Handler. The manipulation leads to improper access...

CVE-2025-0848

A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapskcrypto5g leads to stack-based buffer overflow...

CVE-2025-0848

The CVE-2025-0848 entry concerns the Tenda A18 router (versions up to 15.13.07.09) with a vulnerability in the HTTP POST handler function SetCmdlineRun. The root cause is a stack-based buffer overflow triggered by manipulating the wpapsk_crypto5g argument, which can be exploited remotely. Public ...

CVE-2024-49747

In gattsprocessreadbytypereq of gattsr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-0528 Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVE-2025-0528 Tenda AC8/AC10/AC18 HTTP Request telnet command injection

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched...

CVE-2025-0481

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been...

PT-2025-1265 · D Link · D-Link Dir-878

Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version 1.03 Description: A vulnerability has been found in the D-Link DIR-878, affecting an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. This issue leads to information disclosure and can...

PT-2026-3433

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A security flaw exists in Totolink LR350. The issue is due to command injection within the setTracerouteCfg function of the /cgi-bin/cstecgi.cgi file, specifically in the POST Request...

CVE-2025-0331

A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password...

CVE-2025-0328

A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command...

PT-2025-1260 · Tenda · Tenda Ac10 +2

Name of the Vulnerable Software and Affected Versions: Tenda AC8 versions 16.03.10.20 Tenda AC10 versions 16.03.10.20 Tenda AC18 versions 16.03.10.20 Description: A critical issue has been found in the HTTP Request Handler component of the affected devices, specifically in the /goform/telnet file...

CVE-2024-12989

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

CVE-2024-12989 WISI Tangram GT31 HTTP Request server-side request forgery

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

CVE-2024-12989

CVE-2024-12989 concerns WISI Tangram GT31. The vulnerability affects an unknown function within the device’s HTTP Request Handler, enabling server-side request forgery (SSRF). Reports across multiple sources (Red Hat, PT-Security, CNNVD, NVD/CVELIST) indicate the issue can be exploited remotely a...

CVE-2024-12989 WISI Tangram GT31 HTTP Request server-side request forgery

A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The vendor was...

PT-2024-17851 · Wisi · Wisi Tangram Gt31

Name of the Vulnerable Software and Affected Versions: WISI Tangram GT31 versions up to 20241214 Description: A server-side request forgery issue affects an unknown functionality of the component HTTP Request Handler. This issue can be exploited remotely. The vendor was contacted about this...

WISI Tangram GT31 代码问题漏洞

WISI Tangram GT31 is a module for a high-density digital platform from WISI. A code issue vulnerability exists in WISI Tangram GT31 20241214 and prior versions that stems from a component HTTP request handler that can lead to server-side request forgery...