CVE-2025-54400

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2022-50513

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtwinitcmdpriv In rtwinitcmdpriv, if pcmdpriv-rspallocatedbuf is allocated in failure, then pcmdpriv-cmdallocatedbuf will be not properly released. Besides, considering there are...

CVE-2022-50513 staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtwinitcmdpriv In rtwinitcmdpriv, if pcmdpriv-rspallocatedbuf is allocated in failure, then pcmdpriv-cmdallocatedbuf will be not properly released. Besides, considering there are...

CVE-2025-54400

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2025-54400

Planet WGR-500 v1.3411b190912 contains multiple stack-based buffer overflow vulnerabilities in the formPingCmd function. The code builds a ping command using three inputs (ipaddr, counts, submit-url) and writes into 100-byte ping_command, 260-byte buffer_260, and 32-byte buffer_32 without proper ...

EUVD-2025-32864

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

CVE-2025-54406

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command...

EUVD-2007-4130

Malware in sbrugna...

EUVD-2020-10207

Malware in sbrugna...

EUVD-1999-1058

Malware in sbrugna...

EUVD-2018-17457

Malware in sbrugna...

EUVD-2004-2310

Malware in sbrugna...

EUVD-2002-0227

Malware in sbrugna...

EUVD-2020-28801

Malware in sbrugna...

Planet WGR-500 formPingCmd OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2025-2229 Planet WGR-500 formPingCmd OS command injection vulnerabilities October 7, 2025 CVE Number CVE-2025-54406,CVE-2025-54405 SUMMARY Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-383301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383301 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwlmvmsendrecoverycmd 1. The size of the response...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414361 advisory. A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmdhdlfilter in drivers/staging/rtl8712/rtl8712cmd.c, allowing an attacker to...

EUVD-2025-8207

Malicious code in bioql PyPI...

EUVD-2022-52663

Malicious code in bioql PyPI...

EUVD-2025-12376

Malicious code in bioql PyPI...