13 matches found
CVE-2026-5993
Totolink A7100RU (firmware 7.4cu.2313_b20191024) is affected via CGI Handler’s /cgi-bin/cstecgi.cgi setWiFiGuestCfg function. Manipulating the wifiOff argument can trigger an os command injection, with remote execution possible and a publicly available exploit. The documents do not provide remedi...
EUVD-2016-6299
Malware in sbrugna...
CVE-2025-45931
An issue D-Link DIR-816-A2 DIR-816A2FWv1.10CNB05R1B011D88210 allows a remote attacker to execute arbitrary code via system function in the bin/goahead file...
CVE-2025-4271 TOTOLINK A720R cstecgi.cgi information disclosure
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to information disclosure. The attac...
CVE-2025-4268 TOTOLINK A720R cstecgi.cgi missing authentication
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input RebootSystem leads to missing authentication. The attack can be initiated...
CVE-2025-46567 LLaMA-Factory Allows Arbitrary Code Execution via Unsafe Deserialization in Ilamafy_baichuan2.py
LLama Factory enables fine-tuning of large language models. Prior to version 1.0.0, a critical vulnerability exists in the llamafybaichuan2.py script of the LLaMA-Factory project. The script performs insecure deserialization using torch.load on user-supplied .bin files from an input directory. An...
Delta Electronics DTM Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTM Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2024-0574
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotel...
SUSE CVE-2022-34520
Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function rbinfilextrloadbuffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service DOS via a crafted binary file...
UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC
No description provided by source. !/usr/bin/perl Credit:To n00b for finding this bug and writing poc. Ultra ISO stack over flow poc code. Ultra iso is exploitable via opening a specially crafted Cue file..There is A limitation that the user must have the bin file in the same dir as the cue file...
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)
ultra iso exploit thomas . pollet @ gmail . com import struct scode=metasploit calc.exe shellcode "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49" "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36" "\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34...
UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC
No description provided by source. !/usr/bin/perl Credit:To n00b for finding this bug and writing poc. Ultra ISO stack over flow poc code. Ultra iso is exploitable via opening a specially crafted Cue file..There is A limitation that the user must have the bin file in the same dir as the cue file...
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)
!/usr/bin/perl Credit:To n00b for finding this bug and writing poc. Ultra ISO stack over flow poc code. Ultra iso is exploitable via opening a specially crafted Cue file..There is A limitation that the user must have the bin file in the same dir as the cue file. This is the reason i have provided...