13 matches found
CVE-2025-50671
CVE-2025-50671 describes a buffer overflow in D-Link DI-8003 firmware (16.07.26A1) caused by improper bounds checking in the /xwgl_ref.asp endpoint. An attacker can trigger it by sending crafted HTTP GET requests with excessively long values for parameters such as name, en, user_id, shibie_name, tim...
D-Link DIR-816L Buffer Overflow Vulnerability
DIR-816L is a wireless router product from D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from failure to properly validate the input length when manipulating the en parameter of the scandirmain function in the /portal/ajaxexporer.sgi...
CVE-2025-11524
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11328 Tenda AC18 SetDDNSCfg stack-based overflow
A vulnerability was detected in Tenda AC18 15.03.05.196318. This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be...
CVE-2025-51281
D-Link DI-8100 16.07.26A1 is vulnerable to a buffer overflow via the en, val and id parameters in the qjasp function. This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by sending crafted GET requests with overly long values for these parameters...
The vulnerability in the D-Link DIR-850L B1 router firmware stems from a failure to neutralize special elements used in operating system commands, allowing attackers to execute arbitrary commands.
The vulnerability in the D-Link DIR-850L B1 router firmware stems from a failure to neutralize special elements used in operating system commands when processing the en parameter. Exploiting this vulnerability allows a remote attacker to execute...
CVE-2023-49004
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
D-Link DIR-850 Security Vulnerability
The D-Link DIR-850 is a wireless router from China-based AUO D-Link. A security vulnerability exists in D-Link DIR-850L v.B1FW223WWb01. A remote attacker can exploit this vulnerability to execute arbitrary code via specially crafted scripts on the en parameter...
PT-2023-7920 · D Link · D-Link Dir-850L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L version B1 FW223WWb01 Description: The issue is related to the firmware of D-Link DIR-850L routers, specifically version B1 FW223WWb01, where a remote attacker can execute arbitrary code via a crafted script to the en paramete...
CVE-2023-40891
Tenda AC8 v4 USAC8V4.0siV16.03.34.06cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg...
CVE-2021-46231
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function urlrdopt.asp. This vulnerability allows attackers to execute arbitrary commands via the urlen parameter...
Maccms Cross-Site Scripting Vulnerability
Maccms is a PHP-based content management system (CMS) for film and television. A cross-site scripting vulnerability exists in Maccms 10, which stems from a failure to properly handle data for the typeen parameter in the product. An attacker could obtain an administrator cookie and escalate privileg...