10 matches found
CVE-2026-2881
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...
CVE-2026-2881
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...
CVE-2026-2881 D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack-based overflow
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...
CVE-2026-2881 D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack-based overflow
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack...
CVE-2019-25422
Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute...
CVE-2019-25422 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via vpnfw
Comodo Dome Firewall 2.7.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the vpnfw endpoint. Attackers can submit POST requests with script payloads in the target parameter for reflected XSS or the remark parameter for stored XSS to execute...
PT-2024-23635 · Netentsec · Netentsec Ns-Asg
Name of the Vulnerable Software and Affected Versions: netentsec NS-ASG version 6.3 Description: The issue is related to SQL Injection. It can be exploited via the "/admin/edit fire wall.php" API endpoint. Recommendations: For netentsec NS-ASG version 6.3, consider restricting access to the...
PT-2023-27978 · Tenda · Tenda Ac9
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version V15.03.06.42 multi Description: A stack overflow issue was discovered, which occurs via the firewallEn parameter at the "/goform/SetFirewallCfg" API endpoint. Recommendations: For Tenda AC9 version V15.03.06.42 multi, consid...
PT-2023-27685
Name of the Vulnerable Software and Affected Versions Tenda AC8 version US AC8V4.0si V16.03.34.06 cn Zyxel CPE affected versions not specified Description A stack overflow issue was discovered in Tenda AC8 via the firewallEn parameter at the "/goform/SetFirewallCfg" API endpoint. For Zyxel CPE...
CVE-2018-20577
Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewallSPI.exe, cgi-bin/setupremotemgmt.exe, cgi-bin/setuppass.exe, and cgi-bin/upgradep.exe CSRF. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T...