Tenda CX12L 缓冲区错误漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a buffer error vulnerability. This vulnerability stems from the function formfastsettingwifiset in the Wi-Fi Configuration Endpoint component...

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.49multiTDE01 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function fromSetWirelessRepeat in the goform/WifiExtraSet module of the httpd component, which processes...

TOTOLINK LR350 安全漏洞

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

CVE-2026-0836 UTT 进取 520W formConfigFastDirectionW strcpy buffer overflow

A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclos...

TOTOLINK LR350 安全漏洞

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

Linksys多款产品 安全漏洞

Linksys RE6250 and others are a wireless extender from Linksys USA. A security vulnerability exists in various Linksys products, which stems from a stack buffer overflow due to incorrect manipulation of the parameter ssid in the file /goform/WPSSTAPINEnr. The following products are affected:...

Datacom DM955 5GT 代码注入漏洞

The Datacom DM955 5GT is a router from Datacom New Zealand. A code injection vulnerability exists in the Datacom DM955 5GT version 1200 825.8010.00, which stems from improper handling of the parameter SSID and could lead to cross-site scripting attacks...

The vulnerability in the bridge_wireless_main.cgi script of the Netgear XR300 router’s software allows a hacker to induce a service failure.

The vulnerability in the bridgewirelessmain.cgi script of the Netgear XR300 router software lies in the copying of buffers without checking the size of the input data during the processing of the ssid parameter. Exploiting this vulnerability allows a malicious actor to cause service failure by...

TP-LINK TL-WR740N 安全漏洞

The TP-LINK TL-WR740N is a wireless router from China P&L TP-LINK. A buffer overflow vulnerability exists in the TP-LINK TL-WR740N V6 version that originates from a boundary error in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm when handling untrusted input. A remote attacker could use...

The vulnerability of Tp-Link AC1350 and Tp-Link N300 wireless access points’ microprogramming software is related to buffer overflow in the stack, allowing attackers to execute arbitrary code.

The vulnerability of the microprogrammed wireless access point software Tp-Link AC1350 and Tp-Link N300 lies in the buffer overflow that occurs during the processing of the ssid parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through specially crafted...

CVE-2022-33192

Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A XCMD can lead to arbitrary command execution. An attacker can send a sequence of malicious commands to trigger these vulnerabilities.This...

CVE-2022-37895

An unauthenticated Denial of Service DoS vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x:...

wpa_supplicant: P2P SSID processing vulnerability

A buffer overflow flaw was found in the way wpasupplicant handled SSID information in the Wi-Fi Direct / P2P management frames. A specially crafted frame could allow an attacker within Wi-Fi radio range to cause wpasupplicant to crash or, possibly, execute arbitrary code...

wpa_supplicant P2P SSID Handling Vulnerability

wpasupplicant is a set of daemons that run in the background to support WEP, WPA/WPA2 and WAPI wireless protocols and encrypted authentication. A buffer overflow vulnerability exists in the wpasupplicant 'p2padddevice' function src/p2p/p2p.c, which allows an attacker to submit a specially crafted...

USN-2577-1 wpa vulnerability

It was discovered that wpasupplicant incorrectly handled SSID information when creating or updating P2P peer entries. A remote attacker could use this issue to cause wpasupplicant to crash, resulting in a denial of service, expose memory contents, or possibly execute arbitrary code...

DSA-788-1 kismet - several

Bulletin has no description...