📄 ZTE Unauthenticated Denial of Service

ZTE routers 17+ models suffer from an unauthenticated denial of service vulnerability via an oversized POST body. Title: ZTE Routers 17+ Models - Unauthenticated Denial of Service via Oversized POST Body Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2026-34473 Vendor: ZTE...

EUVD-2018-21838

Tenda W3002R/A302/W309R wireless routers version V5.07.64en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted...

Exploit for CVE-2025-34037

CVE-2025-34037 Python port of the Linksys tmUnblock.cgi RCE ex...

EUVD-2026-8698

Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

CVE-2025-59365

CVE-2025-59365 corresponds to a stack buffer overflow in ASUS Router firmware affecting certain router models. According to PT-2025-48016, the issue is triggered by an authenticated attacker sending a specially crafted request, potentially causing a denial of service and impacting device availabi...

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

PT-2025-48016

Name of the Vulnerable Software and Affected Versions ASUS Router Firmware affected versions not specified Description A stack buffer overflow condition exists in certain router models. An authenticated attacker can trigger this issue by sending a specially crafted request, which may lead to a...

VulnCheck KEV: CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

EUVD-2018-21602

Malware in sbrugna...

EUVD-2024-51187

Malicious code in bioql PyPI...

CVE-2025-57685

The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...

D-Link多款产品 安全漏洞

D-Link DIR-600 and others are products of China-based AUO D-Link.D-Link DIR-600 is a wireless router.D-Link DIR-412 is a wireless router.D-Link DIR-110 is a wired router. A security vulnerability exists in various D-Link products that stems from improper handling of the EVENT=CHECKFW parameter...

CVE-2025-45984

Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100AZ3 V1.0.4, BL-X10AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200AT1 V1.0.0, BL-X26AC8 V1.2.8, BLAC450MAE4 V4.0.0 and BL-X26DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub45B238 functio...

The vulnerability of the HTTP POST Request Handler component, sub_40BE30, in the microprogramming software of the A702R, A3002R, and A3002RU routers allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component, sub40BE30 in the microprogramming software of the A702R, A3002R, and A3002RU routers, involves copying buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSaveConfig file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component in the /boafrm/formSaveConfig file of the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSysCmd file in the microprogramming system for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formSysCmd file in the microprogramming system for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker...

CVE-2021-41435

A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56UV2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 SeriesRT-AX86U/RT-AX86S, RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400...

CVE-2021-45516

Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11...