📄 ZTE Unauthenticated Denial of Service

ZTE routers 17+ models suffer from an unauthenticated denial of service vulnerability via an oversized POST body. Title: ZTE Routers 17+ Models - Unauthenticated Denial of Service via Oversized POST Body Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2026-34473 Vendor: ZTE...

EUVD-2018-21838

Tenda W3002R/A302/W309R wireless routers version V5.07.64en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted...

Exploit for CVE-2025-34037

CVE-2025-34037 Python port of the Linksys tmUnblock.cgi RCE ex...

EUVD-2026-8698

Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

CVE-2025-59365

CVE-2025-59365 corresponds to a stack buffer overflow in ASUS Router firmware affecting certain router models. According to PT-2025-48016, the issue is triggered by an authenticated attacker sending a specially crafted request, potentially causing a denial of service and impacting device availabi...

CVE-2025-59365

A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...

PT-2025-48016

Name of the Vulnerable Software and Affected Versions ASUS Router Firmware affected versions not specified Description A stack buffer overflow condition exists in certain router models. An authenticated attacker can trigger this issue by sending a specially crafted request, which may lead to a...

VulnCheck KEV: CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

EUVD-2018-21602

Malware in sbrugna...

EUVD-2024-51187

Malicious code in bioql PyPI...

CVE-2025-57685

The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...

D-Link多款产品 安全漏洞

D-Link DIR-600 and others are products of China-based AUO D-Link.D-Link DIR-600 is a wireless router.D-Link DIR-412 is a wireless router.D-Link DIR-110 is a wired router. A security vulnerability exists in various D-Link products that stems from improper handling of the EVENT=CHECKFW parameter...

CVE-2025-45984

Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100AZ3 V1.0.4, BL-X10AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200AT1 V1.0.0, BL-X26AC8 V1.2.8, BLAC450MAE4 V4.0.0 and BL-X26DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub45B238 functio...

CVE-2021-41435

A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56UV2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 SeriesRT-AX86U/RT-AX86S, RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400...

CVE-2021-45516

Certain NETGEAR devices are affected by denial of service. This affects R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.3.140, R7000P before 1.3.3.140, R8000 before 1.0.4.74, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11...

CVE-2025-28027

TOTOLINK A830R V4.1.2cu.5182B20201102, A950RG V4.1.2cu.5161B20200903, A3000RU V5.9c.5185B20201128, and A3100R V4.1.2cu.5247B20211129 was found to contain a buffer overflow vulnerability in downloadFile.cgi...

PT-2025-25407 · Blink · Blink Bl-X26 Da3 +7

Name of the Vulnerable Software and Affected Versions: Blink BL-WR9000 version 2.4.9 Blink BL-AC2100 AZ3 version 1.0.4 Blink BL-X10 AC8 version 1.0.5 Blink BL-LTE300 version 1.2.3 Blink BL-F1200 AT1 version 1.0.0 Blink BL-X26 AC8 version 1.2.8 Blink BLAC450M AE4 version 4.0.0 Blink BL-X26 DA3...

CVE-2024-13062

An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

CVE-2024-13062

The ASUS Router AiCloud component is affected by CVE-2024-13062. The vulnerability stems from insufficient data cleaning at the management level, enabling a remote attacker to execute arbitrary commands. Affected product: ASUS Router AiCloud (AiCloud), with unspecified vulnerable versions. The is...