Lucene search
+L

296 matches found

Cvelist
Cvelist
added 2025/11/13 12:0 a.m.13 views

CVE-2025-60694

A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...

0.01149EPSS
Exploits1References2
CVE
CVE
added 2025/11/13 12:0 a.m.14 views

CVE-2025-60682

The connected CNVD/Red Hat/EUVD/NVD entries confirm CVE-2025-60682 affecting TOTOLINK A720R router firmware V4.1.5cu.614_B20230630, in the cloudupdate_check binary (sub_402414) where cloud update parameters are processed. User-controlled magicid and url are concatenated into shell commands and ex...

6.5CVSS8.1AI score0.01461EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/11/13 12:0 a.m.18 views

CVE-2025-60683

The CVE-2025-60683 entry concerns the TOTOLINK ToToLink A720R Router firmware (V4.1.5cu.614_B20230630). The sysconf binary’s sub_40BFA4 handling of network interface reinitialization from '/var/system/linux_vlan_reinit' concatenates unescaped input into shell commands after only partial validatio...

6.5CVSS7.8AI score0.01017EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-29217

Malware in sbrugna...

8.8CVSS8.7AI score0.00629EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4499

Malware in sbrugna...

8.8CVSS8.8AI score0.00892EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-4388

Malware in sbrugna...

8.8CVSS8.8AI score0.0085EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-7231

Malware in sbrugna...

10CVSS9.5AI score0.07743EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-31117

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00619EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-36593

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00978EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-50458

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00621EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-48626

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.28662EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-27250

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00787EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.7 views

PT-2025-36919

Name of the Vulnerable Software and Affected Versions: LB-Link BL-CPE300M AX300 4G LTE Router version BL-R8800 B10 ALK SL V01.01.02P42U14 06 Description: The LB-Link BL-CPE300M AX300 4G LTE Router does not implement proper session handling. After a user authenticates from a specific IP address, t...

6.5AI score0.00406EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/09 12:0 a.m.3 views

CVE-2025-57278

The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800B10ALKSLV01.01.02P42U1406 does not implement proper session handling. After a user authenticates from a specific IP address, the router grants access to any other client using that same IP, without requiring credentials or...

6.5AI score0.00406EPSS
Exploits1References2
OSV
OSV
added 2025/08/28 3:16 p.m.9 views

CVE-2025-52054

An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...

5.3CVSS5.8AI score0.00296EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.14 views

The vulnerability of the /pppoe_base.asp file of the jhttpd component of D-link DI-8100 router software allows a hacker to execute arbitrary code.

The vulnerability of the /pppoebase.asp file of the jhttpd component of D-link DI-8100 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

9CVSS8.3AI score0.00799EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/17 12:50 a.m.13 views

CVE-2025-52379

Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated command injection vulnerability in the firmware update feature. The /web/umfileNameset.cgi and /web/umwebupgrade.cgi endpoints fail to properly sanitize the upgradeFileName parameter, allowing authenticated...

5.4CVSS8.9AI score0.09684EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/28 4:23 p.m.9 views

CVE-2025-34049

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the targetaddr parameter of the formTracert and formPing administrative...

9.4CVSS8.6AI score0.0243EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.12 views

The vulnerability of the sub_415EF8 function in Netgear EX6100 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of sub415EF8 in Netgear EX6100 router microprogramming software relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted GET request...

9CVSS8.5AI score0.0078EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/14 12:0 a.m.9 views

The vulnerability of the sub_41619C() function in NETGEAR EX3700 router microprogramming software allows a hacker to induce a service failure.

The vulnerability of the sub41619C function in NETGEAR EX3700 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted GET request remotely...

9CVSS8AI score0.00822EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder