Lucene search
K

253678 matches found

Cvelist
Cvelist
added 2026/05/04 8:45 a.m.43 views

CVE-2026-7749 Totolink N300RH POST Request cstecgi.cgi setWanConfig buffer overflow

A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS0.00563EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/04 8:45 a.m.7 views

CVE-2026-7749 Totolink N300RH POST Request cstecgi.cgi setWanConfig buffer overflow

A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS7.8AI score0.00563EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 8:45 a.m.16 views

EUVD-2026-26941

A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS6.2AI score0.00563EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 8:45 a.m.3 views

CVE-2026-7749

A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS7.8AI score0.00563EPSS
Exploits0References5
CVE
CVE
added 2026/05/04 8:45 a.m.18 views

CVE-2026-7749

Totolink N300RH version 3.2.4-B20220812 is affected. The vulnerability is in the POST Request Handler function setWanConfig (file /cgi-bin/cstecgi.cgi); manipulating the priDns argument can cause a buffer overflow. The issue can be triggered remotely, and the exploit has been publicly disclosed (...

9CVSS7.8AI score0.00563EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 8:30 a.m.42 views

CVE-2026-7748 Totolink N300RH POST Request cstecgi.cgi setUpgradeFW buffer overflow

A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched...

9CVSS0.00463EPSS
Exploits0References5
CVE
CVE
added 2026/05/04 8:30 a.m.22 views

CVE-2026-7748

Totolink N300RH (firmware 3.2.4-B20220812) is affected by a buffer overflow in the POST handler function setUpgradeFW within /cgi-bin/cstecgi.cgi. The vulnerability stems from manipulation of the FileName argument, allowing remote exploitation. Exploit code is publicly available per the CVE entry...

9CVSS7.8AI score0.00463EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 8:30 a.m.3 views

CVE-2026-7748

A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched...

9CVSS7.8AI score0.00463EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/04 8:30 a.m.5 views

CVE-2026-7748 Totolink N300RH POST Request cstecgi.cgi setUpgradeFW buffer overflow

A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched...

9CVSS7.8AI score0.00463EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 8:30 a.m.13 views

EUVD-2026-26939

A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched...

9CVSS6.2AI score0.00463EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 8:15 a.m.63 views

CVE-2026-7747 Totolink N300RH Parameter cstecgi.cgi loginauth buffer overflow

A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be...

10CVSS0.00606EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 8:15 a.m.6 views

EUVD-2026-26937

A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be...

10CVSS6.1AI score0.00606EPSS
Exploits0References5
CVE
CVE
added 2026/05/04 8:15 a.m.20 views

CVE-2026-7747

CVE-2026-7747 affects Totolink N300RH (firmware 3.2.4-B20220812). The vulnerability lies in the Parameter Handler’s file /cgi-bin/cstecgi.cgi, specifically the loginauth function where manipulating the Password argument can cause a buffer overflow. It is network-borne with no authentication requi...

10CVSS7.7AI score0.00606EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/04 8:15 a.m.6 views

CVE-2026-7747 Totolink N300RH Parameter cstecgi.cgi loginauth buffer overflow

A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be...

10CVSS7.7AI score0.00606EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 8:15 a.m.5 views

CVE-2026-7747

A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be...

10CVSS7.7AI score0.00606EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/04 7:15 a.m.8 views

CVE-2026-7735

A flaw was found in osrg GoBGP. A remote attacker can exploit this vulnerability by manipulating the PathAttributeAigp.DecodeFromBytes function, leading to a buffer overflow. This could result in a denial of service, information disclosure, or potentially arbitrary code execution...

7.5CVSS6.4AI score0.00361EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/04 6:24 a.m.3 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the DecodeFromBytes function of the AIGP Attribute Parser. An attacker can execute arbitrary code, cause a denial of service, or compromise data integrity and confidentiality by sending specially crafted BGP packets t...

7.5CVSS6AI score0.00361EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 6:16 a.m.34 views

CVE-2026-7735

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...

7.5CVSS0.00361EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/04 5:41 a.m.11 views

EUVD-2026-26889

In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 5:15 a.m.22 views

CVE-2026-7735

The CVE concerns osrg GoBGP (up to 4.3.0) where the PathAttributeAigp.DecodeFromBytes function in pkg/packet/bgp/bgp.go handles the AIGP Attribute Parser. A manipulation can cause a buffer overflow, enabling remote initiation of an attack. This entry specifies that upgrading to version 4.4.0 addr...

7.5CVSS7.3AI score0.00361EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder