CVE-2025-10666 D-Link DIR-825 apply.cgi sub_4106d4 buffer overflow

A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability is the function sub4106d4 of the file apply.cgi. The manipulation of the argument countdowntime results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2025-10666

CVE-2025-10666 concerns a buffer overflow in the D-Link DIR-825 Rev.B firmware (≤ 2.10) tied to the apply.cgi function, specifically sub_4106d4, where manipulating the countdown_time input overflows a buffer. The flaw can be exploited remotely; public PoC/exploit data exist (PacketStorm/Exploits-...

D-Link DIR-825 安全漏洞

D-Link DIR-825 is a dual-band wireless router for SMB and SOHO environments from AUO D-Link, supporting 2.4GHz and 5GHz bands at the same time to meet the demand for multi-device HD video transmission. The D-Link DIR-825 suffers from a buffer overflow vulnerability, which originates from the...

PT-2025-38321

Name of the Vulnerable Software and Affected Versions D-Link DIR-825 versions up to 2.10 Description A security flaw exists in D-Link DIR-825 up to version 2.10. The vulnerability is located in the apply.cgi file, specifically within the sub 4106d4 function. Manipulation of the countdown time...

CVE-2013-10058

An authenticated OS command injection vulnerability exists in various Linksys router models tested on WRT160Nv2 running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the pingsize parameter during diagnostic...

CVE-2013-10058 Linksys Routers apply.cgi Remote Command Injection

An authenticated OS command injection vulnerability exists in various Linksys router models tested on WRT160Nv2 running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the pingsize parameter during diagnostic...

CVE-2013-10058 Linksys Routers apply.cgi Remote Command Injection

An authenticated OS command injection vulnerability exists in various Linksys router models tested on WRT160Nv2 running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the pingsize parameter during diagnostic...

CVE-2013-10062 Linksys Routers apply.cgi Path Traversal

A directory traversal vulnerability exists in Linksys router's web interface tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05, specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the nextpage POST parameter to access arbitrary files outside the...

CVE-2013-10062

This CVE describes a directory traversal vulnerability in Linksys E1500 routers, affecting firmware 1.0.00, 1.0.04, and 1.0.05. The flaw is in the web interface’s /apply.cgi endpoint, exploitable via the next_page POST parameter to access files outside the web root, potentially exposing sensitive...

CVE-2013-10062 Linksys Routers apply.cgi Path Traversal

A directory traversal vulnerability exists in Linksys router's web interface tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05, specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the nextpage POST parameter to access arbitrary files outside the...

Linksys WRT160Nv2 安全漏洞

Linksys WRT160Nv2 is a wireless router from Linksys, Inc. A security vulnerability exists in the Linksys WRT160Nv2 version 2.0.03, which stems from insufficient cleanup of the apply.cgi endpoint input and could lead to remote code execution...

Linksys E1500 安全漏洞

The Linksys E1500 is a wireless router from Linksys, USA. A security vulnerability exists in Linksys E1500 versions 1.0.00, 1.0.04, and 1.0.05, which stems from a directory traversal issue in the apply.cgi endpoint that could lead to information disclosure...

CVE-2013-3307

Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi pingip parameter on TCP port 52000...

CVE-2013-3307

CVE-2013-3307 affects Linksys E1000 (≤2.1.02), E1200 (2.1.02, E1200 ≥2.0.05, E3200 >1.0.04. Monitor for updates and apply vendor-provided patches when available.

Linksys多款产品 操作系统命令注入漏洞

The Linksys E1000, among others, is a router from Linksys USA. An operating system command injection vulnerability exists in various Linksys products. The vulnerability stems from the presence of shell metacharacters in the pingip parameter of apply.cgi on TCP port 52000, which could lead to OS...

CVE-2020-14078

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wificaptiveportallogin with a sufficiently long REMOTEADDR key...

CVE-2024-36728

TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlansetting with a sufficiently long dns1 or dns 2 key...

CVE-2024-12856 Four-Faith Industrial Router adjust_sys_time OS Command Injection

The Four-Faith router models F3x24 and F3x36 are affected by an operating system OS command injection vulnerability. At least firmware version 2.0 allows authenticated and remote attackers to execute arbitrary OS commands over HTTP when modifying the system time via apply.cgi. Additionally, this...

Four-Faith F3x24和Four-Faith F3x36 安全漏洞

The Four-Faith F3x24 and Four-Faith F3x36 are both portable wireless mobile routers from Four-Faith China. A security vulnerability exists in the Four-Faith F3x24 and Four-Faith F3x36. The vulnerability can be exploited to execute arbitrary operating system commands over HTTP while changing the...

CVE-2024-8408

A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...