PT-2026-46194

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...

CVE-2026-36603

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabled by default through the admin interface, allowing any unauthenticated LAN device to create arbitrary...

CVE-2026-36603

Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) is affected by a UPnP IGD issue: 15 of 18 UPnP actions are exposed without authentication on port 1900, with UPnP enabled by default via the admin interface. This allows any unauthenticated LAN device to create arbitrary port forwarding...

CVE-2026-44874

A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system...

CVE-2025-13605

3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware...

[SECURITY] Fedora 42 Update: miniupnpd-2.3.10-1.fc42

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

[SECURITY] Fedora 43 Update: miniupnpd-2.3.10-1.fc43

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

Softing smartLink HW-DP和Softing smartLink HW-PN 安全漏洞

Both the Softing smartLink HW-DP and Softing smartLink HW-PN are industrial device connectivity gateway devices developed by the German company Softing. The Softing smartLink HW-DP version 1.31 and earlier, as well as the Softing smartLink HW-PN version 1.02 and earlier, contain security...

CVE-2026-27752

CVE-2026-27752 affects SODOLA SL902-SWTGW124AS firmware up to version 200.1.20, where authentication credentials are transmitted over unencrypted HTTP. An attacker on the same network between a user and the device can observe traffic, intercept credentials, and reuse them to gain administrative a...

Socomec DIRIS Digiware M-70 Denial of Service Vulnerability (CNVD-2025-30459)

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A denial of service vulnerability exists in the Socomec DIRIS Digiware M-70 that stems from the...

Socomec DIRIS Digiware M-70 安全漏洞

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. The Socomec DIRIS Digiware M-70 suffers from a plaintext transmission vulnerability that...

Socomec DIRIS Digiware M-70 安全漏洞

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A cross-site request forgery vulnerability exists in the Socomec DIRIS Digiware M-70 that stems...

MINI-QMGW-3QMR-47VF

Bulletin has no description...

EUVD-2024-19476

Malicious code in bioql PyPI...

Microhard BulletLTE‑NA2和Microhard IPn4Gii-NA2 参数注入漏洞

The Microhard BulletLTE-NA2 and Microhard IPn4Gii-NA2 are both gateway devices from Microhard Canada. A parameter injection vulnerability exists in the Microhard BulletLTE-NA2 and Microhard IPn4Gii-NA2, which stems from the presence of post-authentication command injection on the AT+MNNETSP...

Ruijie Networks RG-NBR2600S 安全漏洞

Ruijie Networks RG-NBR2600S is a gateway device from Ruijie Networks China. A security vulnerability exists in Ruijie Networks RG-NBR2600S version 10.34b12, which stems from a lack of length validation, and a buffer overflow vulnerability that could cause a remote target device to crash or execut...

Enphase Envoy 安全漏洞

Enphase Envoy is a gateway device for connecting smart home devices from Enphase USA. A security vulnerability exists in Enphase Envoy version 4.x up to and including version 8.2.4225, which stems from the inclusion of a path traversal vulnerability...

LINKSYS EA7500 安全漏洞

The Linksys EA7500 is a wireless router from Linksys USA. A buffer overflow vulnerability exists in the LINKSYS EA7500 version 3.0.1.207964. The vulnerability stems from an application boundary error when handling untrusted input. A remote attacker could use this vulnerability to execute arbitrar...

SUSE CVE-2007-3744

Heap-based buffer overflow in the UPnP IGD Internet Gateway Device Standardized Device Control Protocol implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet...

Netgear NETGEAR 安全漏洞

Netgear NETGEAR is a router from the American company Netgear. A hardware device that connects two or more networks and acts as a gateway between networks. A security vulnerability exists in NETGEAR devices that stems from a security setting error. The following products and versions are affected...