EUVD-2026-26386

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...

EUVD-2026-5154

Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior does not implement CSRF protections for administrative functions in the web management interface. The interface does not enforce anti-CSRF tokens or robust origin validation, which can allow an attacker to induce a logged-in administrat...

CVE-2026-0405 Authentication Bypass in NETGEAR Orbi Devices

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...

Allegro Software Development RomPager Security Bypass Vulnerability

Allegro Software Development RomPager is an embedded Web server toolkit that allows users to manage and control World Wide Web WWW services for network devices such as network printers, switches, and routers using a common Web browser. A security vulnerability in Allegro Software Development...