Lucene search
+L

160 matches found

CNVD
CNVD
added 2026/02/11 12:0 a.m.4 views

Tenda TX9 goform/SetStaticRouteCfg File Buffer Overflow Vulnerability

The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...

9CVSS6.5AI score0.00733EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/09 7:23 p.m.7 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS5.3AI score0.03916EPSS
Exploits1References1
OSV
OSV
added 2026/02/08 3:15 p.m.11 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

7.2CVSS5.6AI score0.03916EPSS
Exploits1References5
NVD
NVD
added 2026/02/08 3:15 p.m.11 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS0.03916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/08 3:2 p.m.12 views

CVE-2026-2157

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/02/08 3:2 p.m.26 views

CVE-2026-2157

D-Link DIR-823X 250416 is affected by CVE-2026-2157. The vulnerability is in the function sub_4175CC of /goform/set_static_route_table, where manipulating arguments (interface, destip, netmask, gateway, metric) enables OS command injection. Attack can be performed remotely and public exploits hav...

8.6CVSS6.8AI score0.03916EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/02/08 3:2 p.m.47 views

CVE-2026-2157 D-Link DIR-823X set_static_route_table sub_4175CC os command injection

A security vulnerability has been detected in D-Link DIR-823X 250416. This affects the function sub4175CC of the file /goform/setstaticroutetable. Such manipulation of the argument interface/destip/netmask/gateway/metric leads to os command injection. The attack may be performed from remote. The...

8.6CVSS0.03916EPSS
Exploits1References5
NVD
NVD
added 2026/02/08 6:16 a.m.6 views

CVE-2026-2138

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS0.00733EPSS
Exploits1References6
OSV
OSV
added 2026/02/08 6:16 a.m.4 views

CVE-2026-2138

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

8.7CVSS6.2AI score0.00733EPSS
Exploits1References6
EUVD
EUVD
added 2026/02/08 6:2 a.m.7 views

EUVD-2026-5810

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS8.4AI score0.00733EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/08 6:2 a.m.7 views

CVE-2026-2138

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS8.4AI score0.00733EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/02/08 6:2 a.m.33 views

CVE-2026-2138 Tenda TX9 SetStaticRouteCfg sub_42D03C buffer overflow

A vulnerability was found in Tenda TX9 up to 22.03.02.10multi. Affected is the function sub42D03C of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used...

9CVSS0.00733EPSS
Exploits1References6
CVE
CVE
added 2026/02/08 6:2 a.m.13 views

CVE-2026-2138

CVE-2026-2138 affects Tenda TX9 devices (firmware up to 22.03.02.10_multi). The vulnerability is in the function sub_42D03C of /goform/SetStaticRouteCfg, where the argument list manipulation leads to a buffer overflow. This allows remote exploitation and has public PoC/exploit material. Impact is...

9CVSS8.5AI score0.00733EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/08 12:0 a.m.21 views

PT-2026-6988

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A security issue exists in D-Link DIR-823X version 250416. The sub 4175CC function within the /goform/set static route table file is susceptible to OS command injection. Manipulation of the interface,...

8.6CVSS5.5AI score0.03916EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.8 views

D-Link DIR-823X 操作系统命令注入漏洞

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability arises from incorrect operations on the parameters interface/destip/netmask/gateway/metric in the...

8.6CVSS7.1AI score0.03916EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.9 views

Tenda TX9 安全漏洞

The Tenda TX9 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda TX9 goform/SetStaticRouteCfg file, which originates from the parameter list of the function sub42D03C within the file /goform/SetStaticRouteCfg that fails to correctly validate t...

9CVSS7.8AI score0.00733EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.6 views

CVE-2023-49430

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetStaticRouteCfg...

9.8CVSS7.4AI score0.00925EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-8208

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's IPv6 implementation related to ECMP Equal-Cost Multi-Path routing. Specifically, a mismatch in sibling counts can occur when clearing the RTF ADDRCONF...

5.5CVSS6.6AI score0.00114EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/14 12:1 a.m.6 views

CVE-2025-60694

A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...

7.5CVSS8.1AI score0.01149EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/13 6:31 p.m.5 views

EUVD-2025-175327

A stack-based buffer overflow exists in the validatestaticroute function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function improperly concatenates user-supplied CGI parameters routeipaddr03, routenetmask03, routegateway03 into fixed-size buffers v6,...

7.5CVSS7.7AI score0.01149EPSS
Exploits1References4
Rows per page
Query Builder