51 matches found
CVE-2026-9408
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument enable results in os command injection. The attack may be...
CVE-2026-5104
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip leads to command injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157 D-Link DIR-823X set_static_route_table sub_4175CC os command injection
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
D-Link DIR-823X 250416 is affected by CVE-2026-2157. The vulnerability is in the function sub_4175CC of /goform/set_static_route_table, where manipulating arguments (interface, destip, netmask, gateway, metric) enables OS command injection. Attack can be performed remotely and public exploits hav...
CVE-2026-2138
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
EUVD-2026-5810
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-2138
CVE-2026-2138 affects Tenda TX9 devices (firmware up to 22.03.02.10_multi). The vulnerability is in the function sub_42D03C of /goform/SetStaticRouteCfg, where the argument list manipulation leads to a buffer overflow. This allows remote exploitation and has public PoC/exploit material. Impact is...
CVE-2023-49430
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg...
CVE-2025-11356
CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...
PT-2025-40968
Name of the Vulnerable Software and Affected Versions Tenda AC23 versions prior to 16.03.07.52 Description A flaw exists in the sscanf function within the /goform/SetStaticRouteCfg file. Manipulation of the argument list can lead to a buffer overflow, potentially allowing for remote attacks. The...
EUVD-2025-31447
Malicious code in bioql PyPI...
CVE-2025-11091
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2025-11091
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to...
CVE-2025-10123
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-10123
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-10123 D-Link DIR-823X set_static_leases sub_415028 command injection
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...