135 matches found
CVE-2026-7415
The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization...
EUVD-2026-25361
A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same...
EUVD-2026-24083
This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading...
CVE-2026-41038
This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading...
CVE-2026-41038 Weak Password Policy Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password guessing or brute-force attacks against user accounts, leading...
CVE-2026-41037 Missing Rate Limiting Vulnerability in Quantum Networks Router QN-I-470
This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...
Quantum Networks router 安全漏洞
The Quantum Networks router is a network routing device developed by the Indian company Quantum Networks. The Quantum Networks router has a security vulnerability. This vulnerability stems from the lack of rate-limiting mechanisms and CAPTCHA protection in the web-based management interface. As a...
Quantum Networks router 安全漏洞
The Quantum Networks router is a network routing device developed by the Indian company Quantum Networks. The Quantum Networks router has a security vulnerability. This vulnerability stems from the lack of strong password policies in the web-based management interface. As a result, attackers on t...
CVE-2026-40434
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...
CVE-2026-40434
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...
CVE-2026-40434 Anviz CrossChex Standard Improper Verification of Source of a Communication Channel
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...
PT-2026-33503
Name of the Vulnerable Software and Affected Versions Anviz CrossChex Standard affected versions not specified Description The software lacks source verification in the client/server channel. This allows an attacker on the same network to perform TCP packet injection to alter or disrupt applicati...
CVE-2026-34119
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...
EUVD-2026-18426
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...
EUVD-2026-18428
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...
EUVD-2026-18430
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...
CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...
CVE-2026-34119
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...
CVE-2026-34119
CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...
CVE-2026-34118
A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...