CVE-2025-65128

A missing authentication mechanism in the web management API components of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows unauthenticated attackers on the local network to modify router and network configurations. By invoking operations whose names end with "nocommit" and supplying the...

CVE-2026-24434

Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior does not implement CSRF protections for administrative functions in the web management interface. The interface does not enforce anti-CSRF tokens or robust origin validation, which can allow an attacker to induce a logged-in administrat...

CVE-2026-24434

The CVE-2026-24434 affects Shenzhen Tenda AC7 firmware versions prior to V03.03.03.01_cn. The web management interface is missing anti-CSRF protections and robust origin validation, enabling a logged-in administrator to be induced to perform unintended state-changing requests and modify router se...

D-Link DSL-124 访问控制错误漏洞

The D-Link DSL-124 is an optical cat routing all-in-one from China AUO D-Link. An access control error vulnerability exists in the D-Link DSL-124 ME1.00 version, which stems from a configuration file disclosure issue that could allow an unauthenticated attacker to obtain router settings via a POS...

EUVD-2025-35864

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings...

CVE-2025-60548

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings...

EUVD-2019-4889

Malware in sbrugna...

EUVD-2020-29646

Malware in sbrugna...

CVE-2025-55118

Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "useopenssl=n"; Control-M/Agent 9.0.21 and 9.0.22: Agent router...

CVE-2025-26062

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings...

CVE-2025-26062

CVE-2025-26062 describes an access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 that allows unauthenticated access to the router’s settings file and potential exposure of sensitive information. Affected products are Intelbras RX1500 (v2.2.9) and RX3000 (v1.0.11). The root cause is ...

Intelbras RX1500和Intelbras RX3000 安全漏洞

The Intelbras RX1500 and Intelbras RX3000 are both routers from Intelbras Brazil. A security vulnerability exists in Intelbras RX1500 version v2.2.9 and Intelbras RX3000 version v1.0.11, which stems from improper access control and could result in access to sensitive information in the router's...

CVE-2025-26062

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings...

CVE-2024-28325

Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings...

CVE-2020-12126

Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint...

CVE-2019-13395

The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file...

CVE-2024-3080: ASUS warns Customers about the latest Authentication Bypass Vulnerability detected Across seven Router Models

ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 critical, the vulnerability permits remote attackers t...

VulnCheck KEV: CVE-2014-100005

D-Link DIR-600 routers contain a cross-site request forgery CSRF vulnerability that allows an attacker to change router configurations by hijacking an existing administrator session...

ASUS RT-N12 安全漏洞

ASUS RT-N12 is a router from Asus China. A security vulnerability exists in the ASUS RT-N12 that originates from storing credentials in clear text, which could allow a local attacker to gain unauthorized access and modify router settings...

CVE-2024-28325

The CVE-2024-28325 affects the Asus RT-N12+ B1 router, where credentials are stored in cleartext within the device. This exposes a local attacker to unauthorized access and the ability to modify router settings. The entry cites a Local attack vector with Low attack complexity, requiring Local pri...