CVE-2024-28353

CVE-2024-28353 affects the TRENDnet TEW-827DRU router (firmware 2.10B01). The issue is a command injection in the apply.cgi interface where an attacker can inject commands through the post parameter usapps.config.smb_admin_name, potentially gaining root shell privileges. Connected sources confirm...

PT-2024-2195 · Trendnet · Trendnet Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU router version 2.10B01 Description: There is a command injection issue in the apply.cgi interface, allowing an attacker to inject commands into the post request parameters usapps.config.smb admin name, thereby gaining root...

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

CVE-2024-28353

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...

PT-2024-2329 · Trendnet · Trendnet Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU router version 2.10B01 Description: The issue is related to a command injection vulnerability in the apply.cgi interface. An attacker can inject commands into the post request parameters usapps.@smb%d.username, potentially...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi...

Buffer overflow

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at /apply.cgi...

CVE-2023-50469

CVE-2023-50469 affects Shenzhen Libituo Technology LBT-T300-T310 firmware v2.2.2.6. A buffer overflow exists in the ApCliEncrypType parameter processed by /apply.cgi. CVSS v3.1 score 9.8 (NETWORK, LOW complexity, NONE privileges, UI NONE) with high confidentiality, integrity and availability impa...

CVE-2023-47307

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter...

CVE-2023-47307

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter...

Buffer overflow

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode parameter...

Shenzhen Libituo Technology LBT-T300-T310 Security Breach

Shenzhen Libituo Technology LBT-T300-T310 is an industrial router from Shenzhen Libituo Technology China. A security vulnerability exists in the Shenzhen Libituo Technology LBT-T300-T310 v2.2.2.6, which is caused by a buffer overflow vulnerability in multiple parameters in /apply.cgi. The...

CVE-2023-39239

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...

CVE-2023-39239

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary...

Format string

It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote...

CVE-2023-39239

The CVE-2023-39239 entry concerns an authenticated/remote (sources vary on privilege) format string vulnerability in the General function API (apply.cgi) of ASUS RT-AX56U V2. The flaw arises from lack of input validation for a specific value in apply.cgi, enabling remote code execution or disrupt...

ASUS RT-AX56U Formatting String Error Vulnerability

The ASUS RT-AX56U is a wireless router from Asus China. A format string error vulnerability exists in ASUS RT-AX56U version V2. The vulnerability stems from a lack of validation of a specific value in the apply.cgi module. A format string vulnerability exists, which can be exploited by an...

PT-2023-4801 · Asus · Asus Rt-Ac86U +2

Name of the Vulnerable Software and Affected Versions: ASUS RT-AX56U V2 affected versions not specified ASUS RT-AX55 affected versions not specified ASUS RT-AC86U affected versions not specified Description: A format string vulnerability is identified in the General function API of the affected...