CVE-2026-4477 Yi Technology YI Home Camera WPA/WPS hard-coded key

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

EUVD-2021-19322

Malware in sbrugna...

EUVD-2016-5806

Malware in sbrugna...

EUVD-2024-36217

Malicious code in bioql PyPI...

EUVD-2022-49396

Malicious code in bioql PyPI...

CVE-2025-9251

A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function stawpspin of the file /goform/stawpspin. Performing manipulation of the argument Ssid results in stack-based buffer...

CVE-2025-7092 Belkin F9K1122 webs formWlanSetupWPS stack-based overflow

A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wpsenroleepin/webpage leads to stack-based buffer overflow. Th...

CVE-2025-5438

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads ...

CVE-2025-5438

CVE-2025-5438 affects Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 devices with firmware versions 1.0.013.001, 1.0.04.001/1.0.04.002, 1.1.05.003, and 1.2.07.001. The WPS function at /goform/WPS is vulnerable to command injection through manipulation of the PIN argument, and the attack can be...

PT-2025-7067 · Unknown · Zoo-Project

Name of the Vulnerable Software and Affected Versions: ZOO-Project affected versions not specified Description: A vulnerability in the ZOO-Project's WPS implementation allows unauthorized access to files outside the intended directory through path traversal. Specifically, the Gdal Translate...

CVE-2024-36792

An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to gain access to the router's pin...

CVE-2024-57224

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apclidoenrpinwps function...

CVE-2024-36792

An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 allows attackers to gain access to the router's pin...

Netgear WNR614 安全漏洞

The NETGEAR WNR614 is an N300 wireless router with external antenna from Netgear USA. The NETGEAR WNR614 suffers from an information disclosure vulnerability that stems from a faulty WPS implementation that can be exploited by an attacker to access the router's password...

WPS Server Side Request Forgery vulnerability

Summary The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request Forgery. Details This vulnerability requires: The WPS extension to be installed The WPS security setting...

CVE-2023-24352

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS...

CVE-2021-37563

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS Wi-Fi Protected Setup protocol. Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds write...

openSUSE Security Update : hostapd (openSUSE-2017-1201) (KRACK)

This update for hostapd fixes the following issues : - Fix KRACK attacks on the AP side boo1063479, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088 : Hostap was updated to upstream release 2.6 - fixed EAP-pwd last fragment validation...

Security update for hostapd (important)

This update for hostapd fixes the following issues: - Fix KRACK attacks on the AP side boo1063479, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088: Hostap was updated to upstream release 2.6 fixed EAP-pwd last fragment validation...

CVE-2016-10179

An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607...