Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit the printed string from the FW file. There is no guarantee that the file always has a NUL-termination; therefore, reading the string may go beyond the end of the TLV. If that is the last TLV in the file, it...

CVE-2025-65826

The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were locate...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly limiting the codelength value loaded from a firmware file, which could result in an integer overflo...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

UBUNTU-CVE-2025-21905

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

CVE-2025-21905

CVE-2025-21905 refers to a Linux kernel issue in the iwlwifi path where a printed string from a firmware TLV could read beyond the buffer due to missing NUL-termination. The root cause is printing beyond the end of the TLV if the file isn’t NUL-terminated, potentially reading past the file buffer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unrestricted string length read from a firmware file...

PT-2023-31746 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1200L version 9.3.5u.6146 B20201023 Description: The issue allows for arbitrary command execution via the "cstecgi.cgi" interface, specifically through the UploadFirmwareFile function. This can be exploited through the /cstecgi.cgi...

Remote code execution

There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root...

CVE-2023-40840

Tenda AC6 USAC6V1.0BRV15.03.05.16multiTD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."...

Design/Logic Flaw

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to escalate privileges...

CVE-2019-10542

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesnt match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music i...

CVE-2017-9384

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the device firmware file contains a file known as relay.sh which allows the device to create relay ports a...

Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability...

Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability

Summary An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this...