CVE-2026-26213

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

EUVD-2026-16293

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

CVE-2026-26213

The CVE-2026-26213 issue affects thingino-firmware up to firmware-2026-03-16, where an unauthenticated OS command injection exists in the WiFi captive portal CGI script. An attacker can inject malicious code through unsanitized HTTP parameter names, exploiting eval in parse_query() and parse_post...

CVE-2026-26213

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

PT-2026-28353

Name of the Vulnerable Software and Affected Versions thingino-firmware versions prior to firmware-2026-03-16 Description The software contains an unauthenticated operating system command injection flaw within the WiFi captive portal CGI script. This allows remote attackers to execute arbitrary...

EUVD-2022-49384

Malicious code in bioql PyPI...

CVE-2022-46580

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the usereditpage parameter in the wificaptiveportal function...

TRENDnet TEW-755AP 缓冲区错误漏洞

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a buffer overflow vulnerability that stems from a lack of size checking of input data in the usereditpage parameter of the wificaptiveportal function, which can be exploited by an attacker to execute arbitrary...

CVE-2022-46580

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the usereditpage parameter in the wificaptiveportal function...

PT-2022-27908 · Trendnet · Trendnet Tew755Ap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A stack overflow issue was discovered, related to the wifi captive portal function, specifically via the user edit page parameter. Recommendations: For TRENDnet TEW755AP version 1.13B01, consider...

CVE-2020-14078

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTEADDR key...