278 matches found
CVE-2024-8408 Linksys WRT54G POST Parameter apply.cgi validate_services_port stack-based overflow
A vulnerability was found in Linksys WRT54G 4.21.5. It has been rated as critical. Affected by this issue is the function validateservicesport of the file /apply.cgi of the component POST Parameter Handler. The manipulation of the argument servicesarray leads to stack-based buffer overflow. The...
PT-2024-38990 · Linksys · Linksys Wrt54G
Name of the Vulnerable Software and Affected Versions: Linksys WRT54G version 4.21.5 Description: A critical issue affects the function validate services port of the file /apply.cgi in the component POST Parameter Handler. The manipulation of the argument services array leads to a stack-based...
CVE-2024-36728
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlansetting with a sufficiently long dns1 or dns 2 key...
CVE-2024-36729
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...
CVE-2024-36728
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action vlansetting with a sufficiently long dns1 or dns 2 key...
CVE-2024-36729
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...
CVE-2024-36729
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wizardipv6 with a sufficiently long reboottype key...
PT-2024-27137 · Trendnet · Trendnet Tew-827Dru
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU versions 2.06B04 and earlier Description: The issue is a stack-based buffer overflow in the ssi binary, allowing an authenticated user to execute arbitrary code. This can be achieved by sending a POST request to the...
PT-2024-27138 · Trendnet · Tew-827Dru
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU versions 2.06B04 and earlier Description: The issue is a stack-based buffer overflow in the ssi binary, allowing an authenticated user to execute arbitrary code. This can be achieved by sending a POST request to "apply.cgi...
The vulnerability in the `apply.cgi` interface of TRENDnet TEW-827DRU’s CGI microprogramming system allows a hacker to escalate their privileges and execute arbitrary commands.
The vulnerability in the apply.cgi interface of TRENDnet TEW-827DRU microprogramming software’s CGI interface is related to the failure to take measures to neutralize special elements used in the OS command when processing the usapps.d.username parameter. Exploiting this vulnerability allows a...
CVE-2024-29244
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...
CVE-2024-29243
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpnclientip parameter at /apply.cgi...
CVE-2024-29243
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpnclientip parameter at /apply.cgi...
CVE-2024-29244
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...
CVE-2024-29244
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...
CVE-2024-29243
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpnclientip parameter at /apply.cgi...
CVE-2024-29244
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the pincode3g parameter at /apply.cgi...
CVE-2024-29243
CVE-2024-29243 affects Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9, with a vulnerability in the VPN API endpoint (vpn_client_ip at /apply.cgi) that allows a buffer overflow. The Red Hat and CNNVD entries corroborate a buffer overflow condition; PT-Security notes a workaround: avoid ...
Shenzhen Libituo LBT-T300-mini1 安全漏洞
Shenzhen Libituo Technology LBT-T300-mini1 is a 5G industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo LBT-T300-mini1 v1.2.9, which is caused by a buffer overflow in the vpnclientip parameter in /apply.cgi...
CVE-2024-29243
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpnclientip parameter at /apply.cgi...