EUVD-2026-31752

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is...

CVE-2026-9514

The CVE-2026-9514 entry concerns Totolink CA750-PoE (firmware 6.2c.510). The vulnerability affects the Setting Handler’s /cgi-bin/cstecgi.cgi setNetworkDiag function, where argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is directly passed by the attacker,...

D-Link DIR-650IN - Authenticated Command Injection

Exploit Title: D-Link DIR-650IN - Authenticated Command Injection Date: 2023-01-08 Exploit Author: Sanjay Singh Vendor Homepage: https://www.dlink.com Software Link: https://dlinkmea.com/index.php/product/details?det=T082aVdUWUFNR2FRblBBQUxMWlVTZz09 Version: Firmware V1.04 REQUIRED Tested on:...

CVE-2026-2909

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

CVE-2026-2909

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

CVE-2026-2909

CVE-2026-2909 affects Tenda HG9 300001138. The vulnerability exists in the Diagnostic Ping Endpoint at /boaform/formPing, where manipulating the pingAddr argument triggers a stack-based buffer overflow. It is exploitable remotely, and public exploits exist. CVSS metrics indicate high impact acros...

CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

CVE-2026-2909

A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...

PT-2026-21410

Name of the Vulnerable Software and Affected Versions Tenda HG9 version 300001138 Description A security flaw exists in the Tenda HG9 router's Diagnostic Ping component. The issue stems from a stack-based buffer overflow caused by improper handling of input in the pingAddr argument of the...

Tenda HG9 安全漏洞

The Tenda HG9 is a WiFi router produced by the Chinese company Tenda. The Tenda HG9 300001138 version has a security vulnerability. This vulnerability stems from incorrect handling of the parameter “pingAddr” in the file/boaform/formPing of the Diagnostic Ping Endpoint component, which may lead t...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

Yealink T21P_E2 安全漏洞

Yealink T21PE2 is an IP phone from China Yealink Yealink. A security vulnerability exists in Yealink T21PE2 version 52.84.0.15, which stems from a flaw in the ping function of the diagnostic component, and could lead to the execution of arbitrary code by a remote attacker...

D-Link DIR-823x Command Injection Vulnerability

The D-Link DIR-823X is a wireless router from China's AUO D-Link. A command injection vulnerability exists in the D-Link DIR-823x 250416 and prior versions, which stems from the failure to properly filter constructed command special characters, commands, etc. in the parameter targetaddr in the fi...

PT-2024-17848 · Overtek · Overtek Ot-E801G

Name of the Vulnerable Software and Affected Versions: Overtek OT-E801G version OTE801G65.1.1.0 Description: A critical issue was found in the Overtek OT-E801G, affecting the file /diag ping.cmd. This issue leads to os command injection when the action parameter is set to test and the ipaddr...

CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

Optilink Network OP-XT71000N 命令注入漏洞

The Optilink Network OP-XT71000N is a wireless router from Optilink Network India. The Optilink Network OP-XT71000N version V2.2 suffers from a command injection vulnerability that can be exploited remotely when an attacker sends arbitrary code that results in a COMMAND EXECUTION to the "PingTest...