Lucene search
+L

15 matches found

redhatcve
redhatcve
added 2026/02/23 7:26 a.m.6 views

CVE-2026-2910

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

9CVSS6AI score0.02605EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/02/22 2:32 a.m.7 views

CVE-2026-2910

A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

9CVSS6.3AI score0.02605EPSS
Exploits1References5Affected Software1
ptsecurity
ptsecurity
added 2026/02/22 12:0 a.m.7 views

PT-2026-21410

Name of the Vulnerable Software and Affected Versions Tenda HG9 version 300001138 Description A security flaw exists in the Tenda HG9 router's Diagnostic Ping component. The issue stems from a stack-based buffer overflow caused by improper handling of input in the pingAddr argument of the...

9CVSS7.7AI score0.00556EPSS
Exploits1References13
redhatcve
redhatcve
added 2025/11/18 10:49 p.m.9 views

CVE-2025-13304

A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated...

9CVSS7.3AI score0.00807EPSS
Exploits1References1
cvelist
cvelist
added 2025/11/17 10:32 p.m.15 views

CVE-2025-13304 D-Link DWR-M920/DWR-M921/DWR-M960/DWR-M961/DIR-825M formPingDiagnosticRun buffer overflow

A security flaw has been discovered in D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961 and DIR-825M 1.01.07/1.1.47. This vulnerability affects unknown code of the file /boafrm/formPingDiagnosticRun. Performing manipulation of the argument host results in buffer overflow. The attack may be initiated...

9CVSS0.00807EPSS
Exploits1References9
redhatcve
redhatcve
added 2025/10/08 2:13 p.m.5 views

CVE-2025-54400

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

8.8CVSS7.5AI score0.00678EPSS
Exploits1References1
osv
osv
added 2025/10/07 2:15 p.m.5 views

CVE-2025-54406

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command...

8.8CVSS6AI score0.04229EPSS
Exploits1References2
nvd
nvd
added 2025/10/07 2:15 p.m.7 views

CVE-2025-54400

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

8.8CVSS0.00678EPSS
Exploits1References2
cve
cve
added 2025/10/07 1:55 p.m.15 views

CVE-2025-54400

Planet WGR-500 v1.3411b190912 contains multiple stack-based buffer overflow vulnerabilities in the formPingCmd function. The code builds a ping command using three inputs (ipaddr, counts, submit-url) and writes into 100-byte ping_command, 260-byte buffer_260, and 32-byte buffer_32 without proper ...

8.8CVSS7.2AI score0.00678EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2025/10/07 1:55 p.m.6 views

EUVD-2025-32864

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

8.8CVSS7AI score0.00708EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 1:55 p.m.6 views

EUVD-2025-32868

A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...

8.8CVSS6.4AI score0.04421EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/10/07 1:55 p.m.3 views

CVE-2025-54406

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command...

8.8CVSS7.5AI score0.04229EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/10/07 12:0 a.m.4 views

Planet WGR-500 安全漏洞

The Planet WGR-500 is a WiFi router from Planet Corporation of Taiwan, China. A security vulnerability exists in the Planet WGR-500 v1.3411b190912 version, which stems from a stack buffer overflow in the counts request parameter in the formPingCmd function, which could lead to the execution of...

8.8CVSS7.3AI score0.00678EPSS
Exploits1References1
talos
talos
added 2025/10/07 12:0 a.m.4 views

Planet WGR-500 formPingCmd OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2025-2229 Planet WGR-500 formPingCmd OS command injection vulnerabilities October 7, 2025 CVE Number CVE-2025-54406,CVE-2025-54405 SUMMARY Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A...

8.8CVSS8AI score0.04229EPSS
Exploits2
osv
osv
added 2022/12/25 7:15 p.m.6 views

CVE-2022-40005

Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute...

8.8CVSS5.8AI score0.34785EPSS
Exploits3References2
Rows per page
Query Builder