CVE-2025-60701

The CVE-2025-60701 issue affects the D-Link DIR-882 router, specifically firmware DIR882A1_FW102B02. The vulnerability stems from the prog.cgi function sub_433188 and the rc binary’s sub_448FDC, where user-supplied EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, and AccountName are stored ...

CVE-2025-60690

A stack-based buffer overflow exists in the getmergeipaddr function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function concatenates up to four user-supplied CGI parameters matching 03 into a fixed-size buffer a2 without bounds checking. Remote attacke...

CVE-2025-60687

An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619B20230130 within the cstecgi.cgi binary sub41EC68 function. The binary reads the "imei" parameter from a web request and verifies only that it is 15 characters long. The parameter is the...

CVE-2025-60689

An unauthenticated command injection vulnerability exists in the StartEPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wlant, wlssid, wlrate, ttcpnum, ttcpip, ttcpsize are concatenated in...

PT-2025-46880

Name of the Vulnerable Software and Affected Versions Linksys E1200 v2 routers version E1200 v2.0.11.001 us.tar.gz Description A stack-based buffer overflow exists in the get merge mac function of the httpd binary. The function concatenates up to six user-supplied CGI parameters matching paramete...

PT-2025-46857

An unauthenticated command injection vulnerability exists in the Start EPI function of the httpd binary on Linksys E1200 v2 routers Firmware E1200 v2.0.11.001 us.tar.gz. The vulnerability occurs because user-supplied CGI parameters wl ant, wl ssid, wl rate, ttcp num, ttcp ip, ttcp size are...

GHSA-52C5-VH7F-26FX Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values

Impact The prosemirrortohtml gem is vulnerable to Cross-Site Scripting XSS attacks through malicious HTML attribute values. While tag content is properly escaped, attribute values are not, allowing attackers to inject arbitrary JavaScript code. Who is impacted: - Any application using...

IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27636)

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the REMOTELOGADDR parameter of the...

IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27708)

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire has a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the QUOTAUSERS parameter of the...

CVE-2025-34305

IPFire versions prior to 2.29 Core Update 198 contain multiple stored cross-site scripting XSS vulnerabilities caused by a bug in the cleanhtml function /var/ipfire/header.pl that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

EUVD-2025-36514

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLSHOSTNAME, UPSTREAMUSER, UPSTREAMPASSWORD, ADMINMAILADDRESS, and ADMINPASSWORD parameters when adding a new...

EUVD-2025-36508

IPFire versions prior to 2.29 Core Update 198 contain a command injection vulnerability that allows an authenticated attacker to execute arbitrary commands as the user 'nobody' via multiple parameters when creating a Proxy report. When a user creates a Proxy report the application issues an HTTP...

CVE-2025-34305

IPFire versions prior to 2.29 Core Update 198 contain multiple stored cross-site scripting XSS vulnerabilities caused by a bug in the cleanhtml function /var/ipfire/header.pl that fails to apply HTML-entity encoding to user input. When an authenticated user submits data to affected endpoints - fo...

CVE-2025-34312

IPFire

CVE-2025-34318

IPFire

CVE-2025-12258

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...

PT-2025-44164

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 Core Update 198 Description IPFire installations are affected by multiple stored cross-site scripting XSS issues. These occur because the cleanhtml function located at /var/ipfire/header.pl does not correctly appl...

CVE-2025-12241

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-12241 TOTOLINK A3300R POST Parameter cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

PT-2025-43896

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A security issue exists in TOTOLINK A3300R 17.0.0cu.557 B20221024. The setDmzCfg function within the /cgi-bin/cstecgi.cgi file is susceptible to a buffer overflow when the ip argument ...