CVE-2024-10281 Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow

A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotel...

CVE-2024-10194 WAVLINK WN530H4/WN530HG4/WN572HG3 Front-End Authentication Page login.cgi Goto_chidx stack-based overflow

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Gotochidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer...

CVE-2024-10130 Tenda AC8 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be initiated remotely. Th...

CVE-2024-10130 Tenda AC8 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow

A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be initiated remotely. Th...

CVE-2024-10123 Tenda AC8 saveParentControlInfo compare_parentcontrol_time stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compareparentcontroltime of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be...

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

CVE-2024-41592

CVE-2024-41592 affects DrayTek Vigor3910 devices up to 4.3.2.6. The issue is a stack-based overflow in the GetCGI function when processing query string parameters (extraneous ampersands and long key–value pairs). Exploitation could lead to arbitrary code execution or DoS as described in multiple ...

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow

A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched...

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework ASF that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a...

A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...

The vulnerability of the H5R__decode_heap() function in the HDF5 library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the H5Rdecodeheap function in the HDF5 library is related to buffer overflow based on a stack-based mechanism. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2024-45694

The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device...

PT-2024-6871 · D Link · D-Link Wireless Routers

Name of the Vulnerable Software and Affected Versions: D-Link wireless routers affected versions not specified Description: The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow issue, which allows unauthenticated remote attackers to exploit this issu...

VulnCheck KEV: CVE-2023-0656

A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

CVE-2024-41170

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 All versions V2302.0015, Tecnomatix Plant Simulation V2404 All versions V2404.0004. The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attack...

The vulnerability of the fromNatlimit function in the microprogramming software for Tenda FH1201 allows a hacker to trigger a service failure.

The vulnerability of the fromNatlimit function in the microprogramming software for Tenda FH1201 is related to the possibility of buffer overflow based on a stack. Exploiting this vulnerability can allow a malicious actor to trigger a Denial-of-Service attack by sending a specially crafted POST...