20 matches found
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909 Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely...
CVE-2026-2909
CVE-2026-2909 affects Tenda HG9 300001138. The vulnerability exists in the Diagnostic Ping Endpoint at /boaform/formPing, where manipulating the pingAddr argument triggers a stack-based buffer overflow. It is exploitable remotely, and public exploits exist. CVSS metrics indicate high impact acros...
The vulnerability of the microprogramming software of the Guangzhou 1GE ONU terminals V2801RW and V2804RGW arises from the failure to take measures to neutralize special elements used in the operating system commands. This allows attackers to execute arbitrary operating system commands.
The vulnerability of the microprogramming software in the Guangzhou 1GE ONU V2801RW and V2804RGW subscriber terminals is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute...
The vulnerability of the microprogramming software of the Parks Fiberlink 210 exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands, allowing attackers to execute arbitrary commands on the server.
The vulnerability of the Parks Fiberlink 210 router’s microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the server using t...
CVE-2023-33617
An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14X000 was found via the /boaform/admin/formPing targetaddr parameter...
Command injection
An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14X000 was found via the /boaform/admin/formPing targetaddr parameter...
Parks Fiberlink 操作系统命令注入漏洞
Parks Fiberlink is a high-performance OLT from Parks designed to deliver ultra-broadband services to large numbers of subscribers in a fast and cost-effective manner. A security vulnerability exists in Parks Fiberlink version 210 2.1.14X000, which stems from a problem with the...
Tenda HG6 3.3.0 Remote Command Injection
Tenda HG6 v3.3.0 Remote Command Injection Vulnerability Vendor: Tenda Technology Co.,Ltd. Product web page: https://www.tendacn.com https://www.tendacn.com/product/HG6.html Affected version: Firmware version: 3.3.0-210926 Software version: v1.1.0 Hardware Version: v1.0 Check Version:...
VulnCheck KEV: CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
Exploit for OS Command Injection in Gpononu 1Ge_Router_Wifi_Onu_V2801Rw_Firmware
A proof of concept for CVE-2020-8958 written in Python. The scri...
CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. Recent assessments: Assessed Attacker Value: 0...
PT-2020-20395 · V Sol +1 · V-Sol Home Routers +2
Name of the Vulnerable Software and Affected Versions: Guangzhou 1GE ONU V2801RW versions 1.9.1-181203 through 2.9.0-181024 Guangzhou 1GE ONU V2804RGW versions 1.9.1-181203 through 2.9.0-181024 V-SOL Home Routers affected versions not specified Description: The issue allows remote attackers to...
Netlink GPON Router 1.0.11 - Remote Code Execution
Netlink GPON Router 1.0.11 - Remote Code Execution Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls...
Netlink GPON Router 1.0.11 - Remote Code Execution
Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...