Qualcomm Chipsets security vulnerabilities

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities arise from the exposure of information when processing advertisement frames that contain format-errors MBSSID...

CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection

A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is greater than IEEE80211MAXSSIDLEN 32, it could lead to memory corruption. Therefore, bounds checking should be added...

EUVD-2026-26593

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID contributes up to 33 bytes IEEE80211MAXSSIDLEN + 1, an...

PT-2026-36415

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID contributes up to 33 bytes IEEE80211 MAX SSID LEN + 1,...

Bivocom TR321 跨站脚本漏洞

Bivocom TR321 is a wireless communication terminal device developed by Bivocom Corporation in China, designed for industrial IoT scenarios. Version 21.1.1.50 of Bivocom TR321 contains a cross-site scripting vulnerability. This vulnerability stems from operations involving the Network Name SSID...

EUVD-2026-24051

UNSUPPORTED WHEN ASSIGNED An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow an adjacent attacker on the WLAN to cause a denial-of-service DoS condition in the web management interface by convincing an authenticated...

CVE-2026-6560

A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...

EUVD-2026-9416

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point AP to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key GTK associated with the victim's BSSID...

CVE-2026-3273

The affected product is Tenda F453 1.0.0.3. The vulnerability lies in the httpd component, specifically the function formWrlsafeset in /goform/AdvSetWrlsafeset, where manipulating the mit_ssid_index argument causes a buffer overflow. This can be triggered remotely and a public exploit exists. No ...

CVE-2026-2905

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

Tenda HG9 安全漏洞

The Tenda HG9 is a WiFi router produced by the Chinese company Tenda. The Tenda HG9 300001138 version has a security vulnerability. This vulnerability stems from incorrect handling of parameters “ssid” in the file “Wireless Configuration Endpoint” of the component “boaform/formWlanSetup”, which m...

CVE-2026-2526 Wavlink WL-WN579A3 wireless.cgi multi_ssid command injection

A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the function multissid of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument SSID2G2 results in command injection. The attack may be initiated remotely. The exploit has been made public and could b...

PT-2026-6966

Name of the Vulnerable Software and Affected Versions Tenda TX9 versions up to 22.03.02.10 multi Description A flaw exists in the Tenda TX9 device, specifically within the sub 432580 function located in the /goform/fast setting wifi set file. Manipulation of the ssid argument can lead to a buffer...

CVE-2026-1158

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003588 advisory. In the Linux kernel through 5.3.2, cfg80211mgdwextgiwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow. Tenable has...

PT-2026-2034

Name of the Vulnerable Software and Affected Versions UTT 进取 520W version 1.7.7-180627 Description A security flaw exists in UTT 进取 520W version 1.7.7-180627. The strcpy function within the file /goform/ConfigWirelessBase is susceptible to a buffer overflow when the ssid argument is manipulated...

EUVD-2025-131925

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

EUVD-2025-37381

Totolink A7000R v9.1.0u.6115B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the urldecode function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...