181 matches found
CVE-2025-8019
A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub40B6F0 of the file at/appy.cgi. The manipulation of the argument wanproto leads to buffer overflow. The attack may be launched remotely. The...
CVE-2025-7914 Tenda AC6 httpd setparentcontrolinfo buffer overflow
A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely...
CVE-2025-7806
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2025-7794
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The...
CVE-2025-7571
A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Username leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has be...
CVE-2025-7571 UTT HiPER 840G aspApBasicConfigUrcp buffer overflow
A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Username leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has be...
CVE-2025-7468 Tenda FH1201 HTTP POST Request fromSafeUrlFilter buffer overflow
A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attac...
CVE-2025-7423
CVE-2025-7423 affects Tenda O3V2 1.0.0.12(3880). The vulnerability is in the httpd component, function formWifiMacFilterSet in /goform/setWrlFilterList. Manipulating the macList argument causes a stack-based buffer overflow. This allows remote exploitation with the exploit publicly disclosed; pot...
CVE-2025-7092
A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wpsenroleepin/webpage leads to stack-based buffer overflow. Th...
CVE-2025-7117
A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument addHostFilter leads to buffer overflow. The attack can be initiated remotely. The exploit has been...
CVE-2025-7091
A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. Affected is the function formWlanMP of the file /goform/formWlanMP of the component webs. The manipulation of the argument...
CVE-2025-7092
Affected product/versions: Belkin F9K1122, version 1.00.33. Vulnerability: In the webs component, the function formWlanSetupWPS in /goform/formWlanSetupWPS processes the wps_enrolee_pin/webpage parameter, causing a stack-based buffer overflow. This can be exploited remotely and has been publicly ...
CVE-2025-6939
A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...
CVE-2025-6752
A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of the component IGD. The manipulation of the argument...
CVE-2025-6565
A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-6148
A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formSysLog of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack...
CVE-2025-6165 TOTOLINK X15 HTTP POST Request formTmultiAP buffer overflow
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formTmultiAP of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack c...
CVE-2025-6158
A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function subAC78 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2025-6151
CVE-2025-6151 affects TP-Link TL-WR940N V4 and TL-WR841N V11. The root cause is a buffer overflow in the /userRpm/WanSlaacCfgRpm.htm functionality triggered by manipulating the dnsserver1 parameter. This can be exploited remotely over the network, and the affected devices are no longer supported ...
CVE-2025-6091 H3C GR-3000AX aspForm UpdateIpv6Params buffer overflow
A vulnerability was found in H3C GR-3000AX V100R007L50. It has been classified as critical. Affected is the function UpdateWanParamsMulti/UpdateIpv6Params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to launch the attack...