42 matches found
CVE-2026-34474
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...
PT-2026-38218
Name of the Vulnerable Software and Affected Versions ZTE ZXHN H298A version 1.1 ZTE H108N version 2.6 Description A crafted request to the router web interface can cause sensitive data exposure. This issue may leak device and account information, including the administrator password and WLAN...
CVE-2026-36960
A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...
CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
CVE-2025-50650
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routesstatic parameter in the /router.asp endpoint...
CVE-2026-0405
CVE-2026-0405 affects NETGEAR Orbi devices: an authentication bypass allows users on the local network to access the router web interface with admin privileges. Exploitation requires local network access (attack vector: adjacent, low complexity, no user interaction). Impact per metrics is HIGH fo...
CVE-2025-60697
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub4438A4 function in prog.cgi stores user-supplied DDNS parameters ServerAddress and Hostname in NVRAM via nvramsafeset. These values are later retrieved in th...
EUVD-2018-10352
Malware in sbrugna...
EUVD-2021-19280
Malware in sbrugna...
Belkin F9K1009 / F9K1010 Authentication Bypass
This repository contains a exploit for CVE‑2025‑8730, a critical Authentication Bypass vulnerability affecting the web interface of Belkin F9K1009 and F9K1010 routers. The flaw lies in the session validation logic of the /login.htm file, where improperly handled cookies or crafted requests allow...
CVE-2025-26202
Cross-Site Scripting XSS vulnerability exists in the WPA/WAPI Passphrase field of the Wireless Security settings 2.4GHz & 5GHz bands in DZS Router Web Interface. An authenticated attacker can inject malicious JavaScript into the passphrase field, which is stored and later executed when an...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV042, RV042G, RV320, and RV325 allows a hacker to execute arbitrary code or cause service interruptions.
The vulnerability of the web interface for managing microprogrammed software routers of Cisco Small Business RV042, RV042G, RV320, and RV325 stems from the escape of operations beyond the buffer in memory, resulting from insufficient validation of input data during HTTP packet processing...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV042, RV042G, RV320, and RV325 allows a hacker to execute arbitrary code or cause service interruptions.
The vulnerability of the web interface for managing microprogrammed software routers of Cisco Small Business RV042, RV042G, RV320, and RV325 stems from the escape of operations beyond the buffer in memory, resulting from insufficient validation of input data during HTTP packet processing...
CVE-2024-41684
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...
The vulnerability of the web interface of the microprogramming software for routers Maipu MP1800X-50 allows a hacker to obtain confidential information.
The vulnerability of the web interface of the microprogrammed software router Maipu MP1800X-50 is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential information...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary commands.
The vulnerability of the web interface for managing microprogrammed software routers from Cisco, such as Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, is related to insufficient validation of input data during the processing of HTTP packets. Exploiting this vulnerability...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...