160 matches found
Tenda TX9 goform/SetStaticRouteCfg File Buffer Overflow Vulnerability
The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2157
D-Link DIR-823X 250416 is affected by CVE-2026-2157. The vulnerability is in the function sub_4175CC of /goform/set_static_route_table, where manipulating arguments (interface, destip, netmask, gateway, metric) enables OS command injection. Attack can be performed remotely and public exploits hav...
CVE-2026-2157 D-Link DIR-823X set_static_route_table sub_4175CC os command injection
A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...
CVE-2026-2138
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-2138
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
EUVD-2026-5810
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-2138
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-2138 Tenda TX9 SetStaticRouteCfg sub_42D03C buffer overflow
A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...
CVE-2026-2138
CVE-2026-2138 affects Tenda TX9 devices (firmware up to 22.03.02.10_multi). The vulnerability is in the function sub_42D03C of /goform/SetStaticRouteCfg, where the argument list manipulation leads to a buffer overflow. This allows remote exploitation and has public PoC/exploit material. Impact is...
PT-2026-6988
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security issue exists in D-Link DIR-823X version 250416. The sub 4175CC function within the /goform/set static route table file is susceptible to OS command injection. Manipulation of the interface,...
D-Link DIR-823X 操作系统命令注入漏洞
The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability arises from incorrect operations on the parameters interface/destip/netmask/gateway/metric in the...
Tenda TX9 安全漏洞
The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...
CVE-2023-49430
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg...
PT-2026-8208
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's IPv6 implementation related to ECMP Equal-Cost Multi-Path routing. Specifically, a mismatch in sibling counts can occur when clearing the RTF ADDRCONF...
CVE-2025-60694
A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...
EUVD-2025-175327
A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...