CVE-2026-10045 CVE-2026-10045

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

EUVD-2026-35790

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

PT-2026-48163

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

CVE-2026-50224

The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...

CVE-2026-50224 Unauthenticated IPv6 WAN Management Exposure

The web administration panel binds broadly to the public IPv6 address space on port :::8080 without default firewall limits, making internal API endpoints reachable over the WAN...

CVE-2026-36603

Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) is affected by a UPnP IGD issue: 15 of 18 UPnP actions are exposed without authentication on port 1900, with UPnP enabled by default via the admin interface. This allows any unauthenticated LAN device to create arbitrary port forwarding...

gatekeeper_wan_poc_server

This is the...

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

UBUNTU-CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: A NULL pointer dereference occurs during the removal of a device. During the suspend and resume cycles, the removal and rescan of devices can lead to NULL pointer dereferences. During driver initialization, if th...

Cisco Catalyst SD-WAN Controller Authentication Bypass (cisco-sa-sdwan-rpa2-v69WY2SW)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an...

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system...

CVE-2026-40408 Windows WAN ARP Driver Elevation of Privilege Vulnerability

...

EUVD-2026-29103

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

CVE-2026-33357 Meari OpenAPI device status IDOR

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

PT-2026-31401

Name of the Vulnerable Software and Affected Versions D-Link DI-8003 version 16.07.26A1 D-Link DI-8003G version 19.12.10A1 Description A buffer overflow exists due to improper handling of the wan ping parameter in the /wan ping.asp API endpoint. Recommendations Update D-Link DI-8003 to a version...

Cisco Catalyst SD-WAN Manager（Cisco SD-WAN vManage） 跨站脚本漏洞

Cisco Catalyst SD-WAN Manager is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco Catalyst SD-WAN Manager has a cross-site scripting vulnerability, which stems from...

PT-2026-24908

D-Link DIR-513 formEasySetupWizard3 stack-based overflow CVE: CVE-2026-3978 Vendor: D-link Product: DIR-513 CVSS: 8.7 Credits: LtzHust2 VulDB User Description: A vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3...

CVE-2026-3678

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclos...

CVE-2026-27850 Improper verification in Linksys MR9600, Linksys MX4200

Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200...