PT-2024-22839 · Shenzhen Libituo Technology Co. · Lbt-T300-Mini

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-mini version 1.2.9 Description: A buffer overflow issue was discovered via the pin code 3g parameter at the "/apply.cgi" API endpoint. Recommendations: For version 1.2.9, avoid using the pin code ...

Shenzhen Libituo Technology LBT-T300-mini 安全漏洞

The Shenzhen Libituo Technology LBT-T300-mini is a mini-plug-in router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-mini v1.2.9, which is caused by a buffer overflow in the pincode3g parameter in /apply.cgi...

PT-2024-22838 · Shenzhen Libituo Technology Co. · Lbt-T300-Mini

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-mini version 1.2.9 Description: A buffer overflow issue was discovered via the vpn client ip parameter at the "/apply.cgi" API endpoint. Recommendations: For version 1.2.9, avoid using the vpn...

The vulnerability in the apply.cgi interface of TRENDnet’s TEW-827DRU router software allows a hacker to elevate their privileges to the root user level.

The vulnerability of the apply.cgi interface of TRENDnet TEW-827DRU router microprogramming system is related to the lack of measures taken to neutralize special elements used in the OS command. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to root user...

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lanipaddr parameters at /apply.cgi...

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lannetmask parameter at /apply.cgi...

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lannetmask parameter at /apply.cgi...

Shenzhen Libituo Technology LBT-T300-mini1 Security Breach

Shenzhen Libituo Technology LBT-T300-mini1 is a 5G industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-mini1 v1.2.9, which is caused by a buffer overflow in the lanipaddr parameter via /apply.cgi...

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lannetmask parameter at /apply.cgi...

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lanipaddr parameters at /apply.cgi...

CVE-2024-28446

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lannetmask parameter at /apply.cgi...

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lanipaddr parameters at /apply.cgi...

Shenzhen Libituo Technology LBT-T300-mini1 Security Breach

Shenzhen Libituo Technology LBT-T300-mini1 is a 5G industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-mini1 v1.2.9, which is caused by a buffer overflow in the lannetmask parameter via /apply.cgi...

CVE-2024-28446

CVE-2024-28446 affects Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 (v1.2.9). A buffer overflow is triggered by the lan_netmask parameter via the /apply.cgi API endpoint. CVSS v3.1 base score 5.7 (AV:A, AC:L, PR:L, UI:N, S:U, C:N, I:N, A:H). Connected sources consistently list LBT-T300-min...

PT-2024-22440 · Shenzhen Libituo Technology Co. · Lbt-T300-Mini1

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 version 1.2.9 Description: A buffer overflow issue was discovered via the lan ipaddr parameters at the "/apply.cgi" API endpoint. Recommendations: For version 1.2.9, consider restricting...

PT-2024-22439 · Shenzhen Libituo Technology Co. · Lbt-T300-Mini1

Name of the Vulnerable Software and Affected Versions: Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 version 1.2.9 Description: A buffer overflow issue was discovered via the lan netmask parameter at the "/apply.cgi" API endpoint. Recommendations: For version 1.2.9, as a temporary workaroun...

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2024-28353

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2024-28353

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...