PT-2026-30749

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313 b20191024. Impacted is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit has been disclosed...

TOTOLINK A3300R setDdnsCfg function buffer overflow vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the failure of the function setDdnsCfg in the file...

CVE-2025-11386

A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit...

EUVD-2018-10725

Malware in sbrugna...

EUVD-2020-19271

Malware in sbrugna...

EUVD-2014-8490

Malware in sbrugna...

CVE-2025-11328

A vulnerability was detected in Tenda AC18 15.03.05.196318. This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be...

EUVD-2023-53625

Malicious code in bioql PyPI...

EUVD-2024-32788

Malicious code in bioql PyPI...

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

CVE-2024-23059

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function...

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

CVE-2023-49691

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...

CVE-2020-26733

Cross Site Scripting XSS in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section...

CVE-2020-26733

Cross Site Scripting XSS in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section...

CVE-2019-6964

A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

CVE-2019-6964

A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

CVE-2018-19007

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration in the Network Configuration panel is vulnerable to an OS system command injection as root...

CVE-2018-19007

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration in the Network Configuration panel is vulnerable to an OS system command injection as root...

CVE-2018-19007

The CVE-2018-19007 vulnerability affects Geutebrück GmbH E2 Camera Series before firmware 1.12.0.25. The issue is an OS command injection in the DDNS configuration (Network Configuration panel), allowing an attacker to execute commands as root. Impact is high (confidentiality, integrity, availabi...