CVE-2026-2139 Tenda TX9 fast_setting_wifi_set sub_432580 buffer overflow

A vulnerability was determined in Tenda TX9 up to 22.03.02.10multi. Affected by this vulnerability is the function sub432580 of the file /goform/fastsettingwifiset. This manipulation of the argument ssid causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly...

CVE-2017-18483

ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID...

EUVD-2013-1171

Malware in sbrugna...

EUVD-2018-6413

Malware in sbrugna...

EUVD-2023-49515

Malicious code in bioql PyPI...

CVE-2019-25015

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...

CVE-2013-1131

Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handled during a site survey, aka Bug IDs CSCua86182, CSCua91196, CSCud36155, and...

CVE-2018-11953

While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

CVE-2023-45208

A command injection in the parsingxmlstasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers within range of the repeater to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names...

CVE-2023-45208

A command injection in the parsingxmlstasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers within range of the repeater to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names...

Command injection

A command injection in the parsingxmlstasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers within range of the repeater to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names...

CVE-2023-45208

A command injection in the parsingxmlstasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers within range of the repeater to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names...

CVE-2023-45208

A command injection in the parsingxmlstasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers within range of the repeater to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names...

CVE-2021-20644

ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page...

CVE-2019-25015

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...

CVE-2019-25015

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...

Cross site scripting

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...

CVE-2019-25015

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...

CVE-2017-18483

ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID...

Yi Home Camera Code Execution Vulnerability (CNVD-2018-22778)

Yi Home Camera is an IoT home camera sold worldwide. A code execution vulnerability exists in the Cloud OTA Settings feature in Yi Home Camera 27US 1.8.7.0D. The vulnerability can be exploited by an attacker to achieve command injection via a specially crafted SSID, which can lead to code executi...