6 matches found
CVE-2025-60855
Reolink Video Doorbell WiFi DB566128M5MPW performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this is disputed by the Supplier because the integrity of updates is...
CVE-2025-60855
CVE-2025-60855 affects Reolink Video Doorbell WiFi DB_566128M5MP_W. The vulnerability is due to insufficient validation of firmware update signatures, which could allow loading of malicious firmware and result in arbitrary code execution with root privileges. Some sources note the supplier disput...
CVE-2025-31355
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-31355
CVE-2025-31355 affects the Tenda AC6 V5.0 (V02.03.01.110) firmware. Talos reports a firmware update vulnerability in the Firmware Signature Validation function that allows an attacker to flash a malicious upgrade file, potentially executing arbitrary code. The analysis shows the device validates ...
PT-2025-34048 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version V02.03.01.110 Description: A firmware update vulnerability exists in the Firmware Signature Validation functionality. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicio...
CVE-2023-23772
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a...