CVE-2026-6988

The CVE-2026-6988 entry concerns Tenda HG10 devices (Boa Service) where the formRoute function in /boaform/formRouting is vulnerable to a buffer overflow caused by manipulating the nextHop argument. The flaw allows remote initiation of an attack, and the description notes that an exploit has been...

Tenda HG10 缓冲区错误漏洞

The Tenda HG10 is a Wi-Fi router produced by the Chinese company Tenda. The Tenda HG10 has a buffer overflow vulnerability, which stems from improper handling of the nextHop parameter in the formRoute function within the Boa Service component. This improper handling can lead to a buffer overflow...

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

CVE-2025-15257

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

CVE-2025-15257 Edimax BR-6208AC Web-based Configuration formRoute command injection

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The...

CVE-2025-15257

Edimax BR-6208AC (versions 1.02–1.03) Web-based Configuration Interface has a command-injection flaw in the formRoute function located at /gogorm/formRoute. Manipulating the strIp, strMask, or strGateway parameters enables remote code execution. The exploit is publicly available. Edimax states th...

PT-2025-54198

Name of the Vulnerable Software and Affected Versions Edimax BR-6208AC versions 1.02 through 1.03 Description A security flaw exists in the Web-based Configuration Interface component of Edimax BR-6208AC. The formRoute function within the /gogorm/formRoute file is susceptible to command injection...

CVE-2025-8246

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...

CVE-2025-6487

A vulnerability was found in TOTOLINK A3002R 1.1.1-B20200824.0128. It has been rated as critical. This issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3002R suffers from a stack buffer overflow vulnerability, which originates from the parameter subnet in the file /boafrm/formRoute failing to correctly validate the length and size of the input data, which...

CVE-2023-51133

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute...

CVE-2023-41251

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

Realtek AP-Router SDK Security Vulnerability

Realtek AP-Router SDK is a software package for wireless chipsets from Realtek Semiconductor Realtek, a Chinese company. A security vulnerability exists in the Realtek AP-Router SDK that stems from a stack-based buffer overflow vulnerability in the boa formRoute feature, which can lead to remote...

Realtek rtl819x Jungle SDK boa formRoute stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1894 Realtek rtl819x Jungle SDK boa formRoute stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-41251 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11....

TOTOLINK X2000R formRoute function buffer overflow vulnerability

TOTOLINK X2000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK X2000R suffers from a buffer overflow vulnerability that originates from the failure of the formRoute function to properly validate the length of input data, which can be exploited by an attacker to execute...

CVE-2023-51133

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute...

CVE-2023-51133

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute...

CVE-2023-51133

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute...

Stack overflow

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formRoute...