848 matches found
CVE-2025-47401 Buffer Over-read in WLAN HAL
Transient DOS when processing target power rate tables during channel configuration...
CVE-2025-47401
CVE-2025-47401 indicates a transient denial of service caused by a buffer over-read in the WLAN HAL during channel configuration while processing target power rate tables. The description across sources confirms the issue and impact to availability, but no concrete exploitation details, affected ...
CVE-2026-7027
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
CVE-2026-7027
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
EUVD-2026-25702
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
CVE-2026-7027 D-Link DSL-2740R Wireless Setup Section cross site scripting
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
CVE-2026-7027
A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
PT-2026-35208
A vulnerability was identified in D-Link DSL-2740R EU 01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...
D-Link DSL-2740R 跨站脚本漏洞
The D-Link DSL-2740R is a high-performance ADSL router from D-Link Corporation. The D-Link DSL-2740R EU01.15 version has a cross-site scripting vulnerability. This vulnerability stems from improper handling of the Wireless Network Name parameter by the Wireless Setup Section component, which may...
PT-2026-37167
Name of the Vulnerable Software and Affected Versions wlc versions prior to 2.0.0 Description The HTML output format embeds API response data into HTML without proper escaping. This allows for cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites, when t...
MediaTek Wireless LAN Security Update
Potential vulnerabilities have been identified in MediaTek Wireless LAN Drivers for some HP PC products, which might allow escalation of privilege or denial of service. MediaTek has released driver updates to mitigate the potential vulnerabilities. MediaTek has released updates to mitigate the...
CVE-2026-6168
A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-21367 Buffer Over-read in WLAN Firmware
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...
Wavlink WL-WN579X3-C 安全漏洞
Wavlink WL-WN579X3-C is a wireless network extender produced by Wavlink Corporation. The Wavlink WL-WN579X3-C 231124 version contains a security vulnerability. This vulnerability stems from incorrect handling of the UpnpEnabled parameter, which may lead to a stack-based buffer overflow attack...
PT-2026-28701
Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A buffer overflow issue exists in the setWiFiGuestCfg function of the /cgi-bin/cstecgi.cgi file. The issue is triggered by manipulating the ssid argument. The exploit for this issue has...
CVE-2026-4346 Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
CVE-2026-4346
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
CVE-2026-4346
The CVE concerns TP-Link TL-WR850N v3 where credentials (administrative and Wi‑Fi) are stored in cleartext in a region of the device’s flash while the serial interface is enabled and protected by weak authentication. A physical attacker who can access the serial port can recover sensitive data, i...
Security update for
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...