19 matches found
CVE-2026-24111
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addAuthUser function and processed by sscanf without size validation, it could lead to buffer overflow...
PT-2026-22601
Name of the Vulnerable Software and Affected Versions Tenda W20E version 4.0br V15.11.0.6 Description An issue exists in Tenda W20E firmware where improper input validation can lead to a buffer overflow. Attackers can exploit this by manipulating the userInfo variable. Specifically, when the...
CVE-2025-41732
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41730
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41732
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41732
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41730
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41730
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41732 Stack-based buffer overflow via unsafe sscanf in check_cookie()
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
EUVD-2025-202414
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41732
CVE-2025-41732 describes a stack-based overflow caused by unsafe sscanf usage in the check_cookie() function, permitting an unauthenticated remote attacker to write into fixed-size stack buffers and potentially compromise the device. The Open documentation consistently states a full device compro...
CVE-2025-41732 Stack-based buffer overflow via unsafe sscanf in check_cookie()
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
EUVD-2025-202415
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41730
CVE-2025-41730 is an unauthenticated remote exploit reported for WAGO Industrial-Managed-Switches and related Red Hat/NVD variants. The root cause is unsafe uses of sscanf in the check_account() function, which can write data into fixed-size stack buffers, resulting in a stack-based overflow and ...
CVE-2025-41730 Stack-based buffer overflow via unsafe sscanf in check_account()
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
CVE-2025-41730 Stack-based buffer overflow via unsafe sscanf in check_account()
An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkaccount function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...
PT-2025-50320
Name of the Vulnerable Software and Affected Versions versions prior to 2025-41732 Description An unauthenticated remote attacker can exploit unsafe sscanf calls within the check cookie function to write arbitrary data into fixed-size stack buffers, potentially leading to full device compromise...
WAGO Indsutrial-Managed-Switches 安全漏洞
WAGO Indsutrial-Managed-Switches is a series of high-performance network devices from WAGO, Germany. A security vulnerability exists in WAGO Indsutrial-Managed-Switches, which stems from an unsafe sscanf call in the checkcookie function, which could lead to full control of the device...
PT-2025-50319
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description An unauthenticated remote attacker can exploit unsafe sscanf calls within the check account function to write arbitrary data into fixed-size stack buffers, potentially leading to full device compromise. The...