CVE-2026-4194 D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-4182

CVE-2026-4182 affects the D-Link DIR-816 (firmware 1.10CNB05). The vulnerability exists in the goahead component, specifically the file /goform/form2Wl5RepeaterStep2.cgi, where manipulating the arguments key1/key2/key3/key4/pskValue causes a stack-based buffer overflow . This enables remote explo...

CVE-2026-4182 D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow

A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack...

CVE-2026-4182

A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack...

CVE-2026-4181

CVE-2026-4181 affects D-Link DIR-816 (firmware 1.10CNB05) with a stack-based overflow in /goform/form2RepeaterStep2.cgi of the goahead component. The vulnerability arises from improper handling of the key1/key2/key3/key4/pskValue arguments, enabling a remote, potentially unauthenticated attacker ...

CVE-2026-4181

A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched...

CVE-2026-4166

A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in cross site scripting. The attack can be launched remotely. The exploit has been made public and coul...

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-4164 Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi command injection

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

CVE-2026-4164

CVE-2026-4164 affects Wavlink WL-WN578W2 (firmware version 221110) with a flaw in POST Request Handler, specifically the /cgi-bin/wireless.cgi functions Delete_Mac_list, SetName, and GuestWifi. The underlying issue enables a remote command injection, allowing an attacker with network access and n...

PT-2026-25556

D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow CVE: CVE-2026-4182 PT-Identifier: PT-2026-25556 Vendor: D-link Product: DIR-816 CVSS: 9.3 Credits: pjqwudi VulDB User Description: A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of...

PT-2026-25572

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS Get Update...

PT-2026-25571

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi...

PT-2026-25555

D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow CVE: CVE-2026-4181 PT-Identifier: PT-2026-25555 Vendor: D-link Product: DIR-816 CVSS: 9.3 Credits: pjqwudi VulDB User Description: A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function o...

EUVD-2019-19736

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and netwo...

CVE-2019-25472 IntelBras Telefone IP TIP200/200 LITE Arbitrary File Read via dumpConfigFile

IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read vulnerability in the dumpConfigFile function accessible via the cgiServer.exx endpoint. Attackers can send GET requests to /cgi-bin/cgiServer.exx with the command parameter containing dumpConfigFile to read...

CVE-2019-25465

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and netwo...

CVE-2019-25465 Hisilicon HiIpcam V100R003 Information Disclosure via Directory Traversal

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and netwo...

Hisilicon HiIpcam 安全漏洞

Hisilicon HiIpcam is an IP camera produced by Hisilicon Corporation. The Hisilicon HiIpcam V100R003 version has a security vulnerability. This vulnerability stems from directory traversal in the cgi-bin directory, which may allow unverified attackers to access sensitive configuration files...

Intelbras TIP 200 Lite和Intelbras TELEFONE IP TIP200 安全漏洞

The Intelbras TIP 200 Lite and the Intelbras TELEFONE IP TIP200 are both products of the Brazilian company Intelbras. The Intelbras TIP 200 Lite is an IP phone device. It operates as an IP terminal and supports up to two SIP accounts. It features high voice quality HD Voice, LCD display 2x15, and...