CVE-2025-60689

An unauthenticated command injection vulnerability exists in the StartEPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wlant, wlssid, wlrate, ttcpnum, ttcpip, ttcpsize are concatenated in...

CVE-2025-60689

An unauthenticated command injection vulnerability exists in the StartEPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wlant, wlssid, wlrate, ttcpnum, ttcpip, ttcpsize are concatenated in...

EUVD-2025-50816

Incus vulnerable to local privilege escalation through custom storage volumes...

Incus vulnerable to local privilege escalation through custom storage volumes

Impact This affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true as well as access to the host as an unprivileged user. The most common case for this would ...

PT-2025-46848

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619 B20230130 and NR1800X V9.1.0u.6681 B20230703 Router firmware within the cstecgi.cgi binary setDefResponse function. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stac...

PT-2025-46844

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614 B20230630 within the sysconf binary, specifically in the sub 40BFA4 function that handles network interface reinitialization from '/var/system/linux vlan reinit'. Input is only partially validated by...

CVE-2025-60698

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...

PT-2025-46879

Name of the Vulnerable Software and Affected Versions D-Link DIR-823G router firmware version DIR823G V1.0.2B05 20181207.bin Description A command injection issue exists in the D-Link DIR-823G router firmware. The timelycheck and sysconf binaries process the /var/system/linux vlan reinit file. Th...

PT-2025-46888

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G V1.0.2B05 20181207.bin in the timelycheck and sysconf binaries, which process the /tmp/new qos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenat...

Linksys E7350 安全漏洞

Linksys E7350 is a dual-band WiFi 6 router with AX1800 speeds from Linksys USA. A security vulnerability exists in the Linksys E7350 version 1.1.00.032, which originates from a stack buffer overflow in the mtkdut binary file, which could result in memory corruption, denial of service, or executio...

Linksys E1200 安全漏洞

Linksys E1200 is a router from Linksys USA. A security vulnerability exists in the Linksys E1200 E1200v2.0.11.001us.tar.gz version, which originates from a stack buffer overflow in the httpd binary, which could lead to the execution of arbitrary code or a denial of service...

D-Link DIR-823G 安全漏洞

The D-Link DIR-823G is a wireless router from China's AUO D-Link. The D-Link DIR-823G suffers from a command injection vulnerability that can be exploited by an attacker to execute arbitrary commands on the device...

TOTOLINK A950RG 安全漏洞

TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK that supports high-speed network connectivity and multi-device management. The TOTOLINK A950RG suffers from a command injection vulnerability that stems from a failure to properly filter construct...

CVE-2025-60701

The CVE-2025-60701 issue affects the D-Link DIR-882 router, specifically firmware DIR882A1_FW102B02. The vulnerability stems from the prog.cgi function sub_433188 and the rc binary’s sub_448FDC, where user-supplied EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, and AccountName are stored ...

CVE-2025-60702

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the system.so binary. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar and concatenates it directly into a ping system command executed via...

CVE-2025-60675

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823GV1.0.2B0520181207.bin in the timelycheck and sysconf binaries, which process the /tmp/newqos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenated...

CVE-2025-60698

The CVE-2025-60698 issue affects D-Link DIR-882 router firmware DIR882A1_FW102B02, where SetSysLogSettings/IPAddress stored in NVRAM via nvram_safe_set can be read and concatenated into a shell command executed by twsystem() in the rc binary. The root cause is un-sanitized retrieval of nvram valu...

CVE-2025-60671

CVE-2025-60671 affects the D-Link DIR-823G router firmware DIR823G_V1.0.2B05_20181207.bin, via command injection in timelycheck and sysconf processing /var/system/linux_vlan_reinit. Root cause: content read from that file is only partially validated for a prefix and then formatted with vsnprintf(...

CVE-2025-60685

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

CVE-2024-32009

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...