53 matches found
EUVD-2025-19717
Malicious code in bioql PyPI...
EUVD-2025-14882
Malicious code in bioql PyPI...
CVE-2025-45029
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENTLENGTH variable at /cgi-bin/upload.cgi...
CVE-2025-45029
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENTLENGTH variable at /cgi-bin/upload.cgi...
CVE-2025-45029
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENTLENGTH variable at /cgi-bin/upload.cgi...
CVE-2025-45029
WINSTAR WN572HP3 v230525 is affected by a heap overflow in the CONTENT_LENGTH handling at /cgi-bin/upload.cgi. The issue is triggered via the CONTENT_LENGTH variable, with root cause described as a heap overflow, and CVSS v3.1 base score 6.5 (Network, Low confidentiality/Integrity impact, no Avai...
CVE-2025-45029
WINSTAR WN572HP3 v230525 was discovered to contain a heap overflow via the CONTENTLENGTH variable at /cgi-bin/upload.cgi...
PT-2025-27632 · Winstar · Winstar Wn572Hp3
Name of the Vulnerable Software and Affected Versions: WINSTAR WN572HP3 version v230525 Description: A heap overflow issue was discovered via the CONTENT LENGTH variable at the "/cgi-bin/upload.cgi" API endpoint. Recommendations: For WINSTAR WN572HP3 version v230525, consider disabling access to...
CVE-2025-44879
WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2025-44879
WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
Winstars WS-WN572HP3 安全漏洞
Winstars WS-WN572HP3 is a wireless access point from Winstars China. A security vulnerability exists in Winstars WS-WN572HP3 version V230525, which originates from a buffer overflow in the file /www/cgi-bin/upload.cgi, which could lead to a denial of service attack...
CVE-2025-44879
WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2025-21245 · Unknown · Ws-Wn572Hp3
Name of the Vulnerable Software and Affected Versions: WS-WN572HP3 version V230525 Description: A buffer overflow was discovered in the component /www/cgi-bin/upload.cgi, allowing attackers to cause a Denial of Service DoS via a crafted HTTP request. Recommendations: For WS-WN572HP3 version...
CVE-2022-35536
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qosbandwith and qosdat, which leads to command injection in page /qos.shtml...
CVE-2022-35526
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml...
CVE-2022-35533
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: clilist and clinum, which leads to command injection in page /qos.shtml...
CVE-2022-35520
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf, and this is a hidden parameter which doesn't appear in POST body, but exist in cgi binary. This leads to command injection in page /ledonoff.shtml...
CVE-2022-35517
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: webpskValue, wlMethod, wlanssid, EncrypType, rwanip, rwanmask, rwangateway, pppusername, ppppasswd and pppsetver, which leads to command injection in page /wizardroutermesh.shtml...
Command injection
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters: mac5g and Newname, which leads to command injection in page /wifimesh.shtml...
Command injection
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: qosbandwith and qosdat, which leads to command injection in page /qos.shtml...