307 matches found
MINI-HMQ4-G427-78QV
Bulletin has no description...
MINI-875R-J27C-HHQM
Bulletin has no description...
MINI-676P-XQ3C-78MG
Bulletin has no description...
MINI-Q734-M485-FW43
Bulletin has no description...
MINI-822W-9M28-MV86
Bulletin has no description...
EUVD-2026-9044
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies an...
CVE-2026-27751
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement t...
CVE-2026-27752 SODOLA SL902-SWTGW124AS <= 200.1.20 Cleartext Credential Transmission
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain...
PT-2026-22373
Name of the Vulnerable Software and Affected Versions SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 Description The firmware contains a weakness in how session identifiers are created. This allows attackers to create valid session identifiers without logging in, potentially gaining...
CVE-2026-2882
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made...
MINI-48VM-55RF-J4Q3
Bulletin has no description...
MINI-WR2X-PRW2-WR36
Bulletin has no description...
D-Link DI-7100G 命令注入漏洞
The D-Link DI-7100G is a wireless router produced by D-Link Corporation. The D-Link DI-7100G C1 version, released on April 18, 2014, has a command injection vulnerability. This vulnerability stems from improper handling of the parameter “usbusername” when using the setjhttpdinfo function, which m...
MINI-226G-P2PW-3G3C
Bulletin has no description...
CGA-G98H-M644-MG65
Bulletin has no description...
CVE-2026-1409 Beetel 777VR1 UART excessive authentication
A security vulnerability has been detected in Beetel 777VR1 up to 01.00.09/01.00.0955. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper restriction of excessive authentication attempts. It is possible to launch the attack on the physic...
CVE-2026-0837
A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor...
CVE-2019-18844
The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...
CVE-2017-18731
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6100 before 1.0.1.16, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, and WNR2000v5 before 1.0.0.58...
CVE-2025-15357
A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /mspinfo.htm?flag=cmd. The manipulation of the argument cmd results in command injection. The attack can be launched remotely. The exploit has been made public and could be used...