CVE-2026-9345

A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...

CVE-2026-9347 Edimax EW-7438RPn webs formWizSurvey os command injection

A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...

CVE-2026-9345

The CVE concerns Edimax EW-7438RPn (firmware up to 1.31) in the webs component, specifically the formWizSurvey function located in /goform/formWizSurvey. The vulnerability arises from a buffer overflow triggered by manipulating arguments such as ssid, manualssid, ip, mask, or gateway. This is des...

CVE-2026-41923

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...

CVE-2026-41923

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the internet.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter. Attackers can exploit...

PT-2026-36911

Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description An OS command injection issue exists in the 'internet.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...

CVE-2026-7685 Edimax BR-6208AC setWAN buffer overflow

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor...

CVE-2026-7684 Edimax BR-6428nC setWAN buffer overflow

A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be...

OpenClaw

🦞 Moltbot/Clawdbot 1-Click RCE PoC A simplified, single-scrip...

CVE-2026-1544

A security flaw has been discovered in D-Link DIR-823X 250416. Impacted is the function sub41E2A0 of the file /goform/setmode. Performing a manipulation of the argument langateway results in os command injection. The attack is possible to be carried out remotely. The exploit has been released to...

CVE-2026-1544

CVE-2026-1544 affects D-Link DIR-823X (firmware 250416). The vulnerability is in the function sub_41E2A0 of /goform/set_mode, where manipulation of the lan_gateway argument enables remote command injection. Exploitation has been publicly released, and the issue affects devices no longer supported...

D-Link DIR-823X: Operating System Command Injection Vulnerability

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter “langateway” in the function sub41E2A0 within the...

EUVD-2025-5929

Malicious code in bioql PyPI...

Linksys多款产品 安全漏洞

Linksys RE6300 and others are products of Linksys, Inc.Linksys RE6300 is a wireless network signal extender.Linksys RE6250 is a wireless extender.Linksys RE6500 is a wireless extender. A security vulnerability exists in various Linksys products, which stems from the incorrect operation of the...

CVE-2025-25610

TOTOlink A3002R V1.1.1-B20200824.0128 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the staticgw parameter in the formIpv6Setup interface of /bin/boa...

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3002R version V1.1.1-B20200824.0128, which stems from the staticgw parameter failing to correctly validate the length and size of the input data, and can be exploit...

D-Link DSL-3782 安全漏洞

The D-Link DSL-3782 is a wireless router from Taiwan, China-based D-Link. The D-Link DSL-3782 suffers from a buffer overflow vulnerability that originates in the destination, netmask, and gateway parameters, which can be exploited by an attacker to cause a denial of service...

D-Link DSL-3782 安全漏洞

The D-Link DSL-3782 is a wireless router from China-based AUO D-Link. The D-Link DSL-3782 suffers from a buffer overflow vulnerability that originates in the destination, netmask and gateway parameters, which can be exploited by an attacker to cause a denial of service...

PT-2025-7110 · D Link · D-Link Dsl-3782

Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 version 1.01 Description: A buffer overflow issue was discovered via the destination, netmask, and gateway parameters. This issue allows attackers to cause a Denial of Service DoS via a crafted packet. Recommendations: For...

PT-2025-7113 · Tp Link · Tp-Link Tl-Wr841Nd

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841ND version V11 Description: A buffer overflow issue was discovered via the gw parameter at "/userRpm/WanDynamicIpV6CfgRpm.htm". This allows attackers to cause a Denial of Service DoS via a crafted packet. Recommendations: For...