8 matches found
EUVD-2026-18362
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
CVE-2026-5351
A weakness has been identified in Trendnet TEW-657BRM 1.00.1. This affects the function addwpsclient of the file /setup.cgi. This manipulation of the argument wlenroleepin causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and coul...
Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2025-20837)
The Belkin F9K1122 is a WiFi signal extender from Belkin Canada. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability that originates from the incorrect operation of the parameter wpsenroleepin/webpage in the file /goform/formWlanSetupWPS, no details of the vulnerability are...
CVE-2025-7092
A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs. The manipulation of the argument wpsenroleepin/webpage leads to stack-based buffer overflow. Th...
CVE-2022-26998
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wpsenroleepin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2022-26998
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wpsenroleepin parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
ARRIS TR3300 命令注入漏洞
ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300 v1.0.13, which stems from the failure of the wpsenroleepin parameter in the wps function to properly filter the construct command special characters, commands, etc. An attacker coul...
PT-2022-18174 · Arris · Arris Tr3300
Name of the Vulnerable Software and Affected Versions: Arris TR3300 version 1.0.13 Description: The issue is related to a command injection vulnerability in the wps setting function. This vulnerability is exploited via the wps enrolee pin parameter, allowing attackers to execute arbitrary command...