CVE-2026-11503 Tenda CX12L Wi-Fi Configuration Endpoint fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function formfastsettingwifiset of the file /goform/fastsettingwifiset of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The...

CVE-2026-32296

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate...

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

EUVD-2011-3415

Malware in sbrugna...

EUVD-2020-3902

Malware in sbrugna...

EUVD-2016-3539

Malware in sbrugna...

EUVD-2025-7219

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-2457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - server/pm/UserManagerService.java in Wi-Fi in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 allows attackers to bypass intended...

CVE-2011-3452

Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network...

CVE-2025-25680

LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuyaipcdirectconnect function of the anykaipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera...

CVE-2025-25680

CVE-2025-25680 affects LSC Smart Connect LSC Indoor PTZ Camera (firmware 7.6.32). The RCE is in the anyka_ipc process, via the tuya_ipc_direct_connect function, exploitable when a specially crafted QR code is presented during Wi‑Fi configuration. The documented impact is arbitrary code execution ...

CVE-2020-11551

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi...

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

Information disclosure

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

PT-2023-23357 · Gl.Inet · Gl.Inet

Name of the Vulnerable Software and Affected Versions: GL.iNet devices versions prior to 3.216 Description: An issue was discovered that reveals information about the Wi-Fi configuration, including the SSID and key, through an API endpoint. Recommendations: For versions prior to 3.216, update to...

CVE-2023-31478

An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...

Design/Logic Flaw

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite SRS60 AC3000 V2.5.1.106, Outdoor Satellite RBS50Y V2.5.1.106, and Pro Tri-Band Business WiFi Router SRR60 AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi...

CVE-2020-8423

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network...

Buffer overflow

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 firmware version 3.16.9 devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network...