The vulnerability of the administrator panel of microprogrammed software routers such as GL-A1300, GL-AX1800, GL-AXT1800, GL-MT3000, GL-MT2500, GL-MT6000, GL-MT1300, GL-MT300N-V2, GL-AR750S, GL-AR750, GL-AR300M, and GL-B1300 allows attackers to circumvent security restrictions, gain increased privileges, and obtain full control over the device.

The vulnerability of the administrator panel of microprogrammed software routers such as GL-A1300, GL-AX1800, GL-AXT1800, GL-MT3000, GL-MT2500, GL-MT6000, GL-MT1300, GL-MT300N-V2, GL-AR750S, GL-AR750, GL-AR300M, and GL-B1300 is related to deficiencies in authentication procedures. Exploiting this...

The vulnerability of the Firewall Service component in D-Link’s router microprogramming systems, DIR-618 and DIR-605L, allows a hacker to execute arbitrary code.

The vulnerability of the Firewall Service component in D-Link’s DIR-618 and DIR-605L router microprogramming systems is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2025-28027

TOTOLINK A830R V4.1.2cu.5182B20201102, A950RG V4.1.2cu.5161B20200903, A3000RU V5.9c.5185B20201128, and A3100R V4.1.2cu.5247B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi...

PT-2025-25407 · Blink · Blink Bl-X26 Da3 +7

Name of the Vulnerable Software and Affected Versions: Blink BL-WR9000 version 2.4.9 Blink BL-AC2100 AZ3 version 1.0.4 Blink BL-X10 AC8 version 1.0.5 Blink BL-LTE300 version 1.2.3 Blink BL-F1200 AT1 version 1.0.0 Blink BL-X26 AC8 version 1.2.8 Blink BLAC450M AE4 version 4.0.0 Blink BL-X26 DA3...

CVE-2024-13062

An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

The vulnerability of the telnetd daemon in the microprogramming-based router software of Tenda AC8, AC10, and AC18 allows a hacker to execute arbitrary commands.

The vulnerability of the telnetd microprogramming system for Tenda AC8, AC10, and AC18 routers is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-13062

The ASUS Router AiCloud component is affected by CVE-2024-13062. The vulnerability stems from insufficient data cleaning at the management level, enabling a remote attacker to execute arbitrary commands. Affected product: ASUS Router AiCloud (AiCloud), with unspecified vulnerable versions. The is...

The vulnerability in the wlg_adv.cgi script of Netgear’s router microprogramming software for models R8500, XR300, R7000P, and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the wlgadv.cgi script of Netgear’s router microprogramming devices, such as R8500, XR300, R7000P, and R6400 v2, stems from the copying of buffers without checking the size of the input data during the processing of parameters apmodedns1pri and apmodedns1sec. Exploiting this...

NTT EAST多款产品 安全漏洞

The NTT EAST PR-400MI, among others, is a router from NTT EAST, a Japanese company. A security vulnerability exists in several NTT EAST products, which stems from a failure to restrict access privileges. The following products are affected: PR-400MI, RT-400MI, RV-440MI, PR-600MI, RX-600MI,...

ELECOM WRC-2533GS2V-B、WRC-2533GS2-B和WRC-2533GS2-W 安全漏洞

ELECOM WRC-2533GS2V-B and others are a wireless router from ELECOM Japan. A security vulnerability exists in v1.68 and earlier versions of the ELECOM WRC-2533GS2V-B, WRC-2533GS2-B, and WRC-2533GS2-W. The vulnerability stems from the possibility that a logged-in user with administrative privileges...

CVE-2024-3080: ASUS warns Customers about the latest Authentication Bypass Vulnerability detected Across seven Router Models

ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 critical, the vulnerability permits remote attackers t...

The vulnerability of the SSH daemon on the ArubaOS-Switch operating system’s routers, including the Aruba 5400R, Aruba 3810, Aruba 2920, Aruba 2930F, Aruba 2930M, Aruba 2530, Aruba 2540, Aruba 3800 models, allows a hacker to cause service interruptions.

The vulnerability of the SSH daemon on the ArubaOS-Switch operating system’s routers, including the Aruba 5400R, Aruba 3810, Aruba 2920, Aruba 2930F, Aruba 2930M, Aruba 2530, Aruba 2540, and Aruba 3800 models, is related to improper cleaning or release of resources. Exploiting this vulnerability...

NEC Aterm 安全漏洞

The NEC Aterm is a series of wireless routers from Nippon Electric NEC. A security vulnerability exists in NEC Aterm that stems from allowing an attacker to view device information. The following products and versions are affected: WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2,...

CVE-2024-0717

A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853,...

The vulnerability of the iperf function in the set_iperf3_svr.cgi application programming interface of ASUS RT-AX55, RT-AX56U, and RT-AC86U routers allows a hacker to execute arbitrary code.

The vulnerability of the iperf function in the application programming interface for ASUS RT-AX55, RT-AX56UV2, and RT-AC86U routers is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the microprogrammed software of Wi-Fi routers ASUS RT-AC86U and RT-AX56U allows a hacker to execute arbitrary code.

The vulnerability of ASUS’ Wi-Fi router software, RT-AC86U and RT-AX56U, is related to the use of uncontrolled format strings. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-37565

Code injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent authenticated attacker to execute arbitrary code by sending a specially crafted request. Affected products and versions are as follows: WRC-1167GHBK-S v1.03 and earlier, WRC-1167GEBK-S v1.03 and earlier,...

ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models

Taiwanese company ASUS on Monday released firmware updates to address, among other issues, nine security bugs impacting a wide range of router models. Of the nine security flaws, two are rated Critical and six are rated High in severity. One vulnerability is currently awaiting analysis. The list ...

Update now! ASUS fixes nine security flaws

ASUS has released firmware updates for several router models fixing two critical and several other security issues. The new firmware with accumulated security updates is available for the models GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8,...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...