Lucene search
K

51 matches found

NVD
NVD
added 2026/05/25 12:16 a.m.16 views

CVE-2026-9408

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...

10CVSS0.01732EPSS
Exploits0References5
NVD
NVD
added 2026/03/30 3:15 a.m.18 views

CVE-2026-5104

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip leads to command injection. The attack may be performed from remote. The exploit has been disclosed...

8.8CVSS0.02483EPSS
Exploits1References5
OSV
OSV
added 2026/02/08 3:15 p.m.7 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

7.2CVSS5.6AI score0.03916EPSS
Exploits1References5
NVD
NVD
added 2026/02/08 3:15 p.m.10 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS0.03916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/08 3:2 p.m.11 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/02/08 3:2 p.m.32 views

CVE-2026-2157 D-Link DIR-823X set_static_route_table sub_4175CC os command injection

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS0.03916EPSS
Exploits1References5
CVE
CVE
added 2026/02/08 3:2 p.m.20 views

CVE-2026-2157

D-Link DIR-823X 250416 is affected by CVE-2026-2157. The vulnerability is in the function sub_4175CC of /goform/set_static_route_table, where manipulating arguments (interface, destip, netmask, gateway, metric) enables OS command injection. Attack can be performed remotely and public exploits hav...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/08 6:2 a.m.7 views

CVE-2026-2138

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS8.4AI score0.00733EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/02/08 6:2 a.m.6 views

EUVD-2026-5810

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS8.4AI score0.00733EPSS
Exploits1References6
CVE
CVE
added 2026/02/08 6:2 a.m.12 views

CVE-2026-2138

CVE-2026-2138 affects Tenda TX9 devices (firmware up to 22.03.02.10_multi). The vulnerability is in the function sub_42D03C of /goform/SetStaticRouteCfg, where the argument list manipulation leads to a buffer overflow. This allows remote exploitation and has public PoC/exploit material. Impact is...

9CVSS8.5AI score0.00733EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.4 views

CVE-2023-49430

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg...

9.8CVSS7.4AI score0.00925EPSS
Exploits1References1
CVE
CVE
added 2025/10/07 7:2 a.m.13 views

CVE-2025-11356

CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...

9CVSS8.7AI score0.00742EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.5 views

PT-2025-40968

Name of the Vulnerable Software and Affected Versions Tenda AC23 versions prior to 16.03.07.52 Description A flaw exists in the sscanf function within the /goform/SetStaticRouteCfg file. Manipulation of the argument list can lead to a buffer overflow, potentially allowing for remote attacks. The...

9CVSS8.8AI score0.00742EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-31447

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00678EPSS
Exploits1References6
OSV
OSV
added 2025/09/28 2:15 a.m.4 views

CVE-2025-11091

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

8.7CVSS6.2AI score0.00678EPSS
Exploits1References5
NVD
NVD
added 2025/09/28 2:15 a.m.8 views

CVE-2025-11091

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

9CVSS0.00678EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/09/28 1:32 a.m.5 views

CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...

9CVSS7AI score0.00678EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/11 3:19 a.m.10 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.5AI score0.03986EPSS
Exploits1References1
NVD
NVD
added 2025/09/09 3:15 a.m.5 views

CVE-2025-10123

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

9.8CVSS0.03986EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/09/09 2:32 a.m.9 views

CVE-2025-10123 D-Link DIR-823X set_static_leases sub_415028 command injection

A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.03986EPSS
Exploits1References6
Rows per page
Query Builder