310 matches found
PT-2026-1682
Name of the Vulnerable Software and Affected Versions Smartliving SmartLAN/G/SI versions 6.x and earlier Description Smartliving SmartLAN/G/SI software is affected by an unauthenticated server-side request forgery issue. The issue resides in the GetImage functionality and is triggered through the...
CVE-2025-14093
A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...
CVE-2025-14092
Edimax BR-6478AC V3 (firmware 1.0.15) is affected by an OS command injection in the sub_416898 function of /boafrm/formDebugDiagnosticRun. The vulnerability can be triggered remotely over the network by manipulating the host argument, with public exploit details available. Multiple connected sour...
Edimax BR-6478AC 操作系统命令注入漏洞
Edimax BR-6478AC is a dual-band gigabit router from China Xunzhou Edimax. An OS command injection vulnerability exists in the Edimax BR-6478AC V3 version 1.0.15, which stems from the incorrect operation of the parameter host in the file /boafrm/formDebugDiagnosticRun, which can lead to os command...
orion-ops 安全漏洞
orion-ops is a one-stop automated operation and maintenance and automated deployment platform by Jiahang Li, an individual developer. A security vulnerability exists in orion-ops, which stems from the misuse of the parameters host/sshPort/username/password/authType in the file...
D-Link多款产品 命令注入漏洞
The D-Link DWR-M920 and others are a router from China-based AUO D-Link. A command injection vulnerability exists in various D-Link products. The vulnerability stems from incorrect manipulation of the parameter host in the file /boafrm/formDebugDiagnosticRun, which can lead to command injection...
CVE-2025-13304
CVE-2025-13304 affects multiple D-Link routers: DWR-M920, DWR-M921, DWR-M960, DWR-M961, and DIR-825M (firmware 1.01.07/1.1.47). The flaw lies in the file path /boafrm/formPingDiagnosticRun; adversarial manipulation of the “host” argument can cause a buffer overflow, enabling a remote attack. Docu...
D-Link多款产品 安全漏洞
D-Link DWR-M920 and others are a router from China-based AUO D-Link. A security vulnerability exists in various D-Link products, which stems from incorrect manipulation of the parameter host in the file /boafrm/formPingDiagnosticRun, which may result in a buffer overflow. The following products a...
PT-2025-47230
Name of the Vulnerable Software and Affected Versions D-Link DWR-M920 version 1.1.5 D-Link DWR-M921 version 1.1.5 D-Link DIR-822K version 1.1.5 D-Link DIR-825M version 1.1.5 Description A security issue exists in D-Link devices that allows for command injection. The system function within the...
CVE-2025-60699
A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...
PT-2025-47212
Name of the Vulnerable Software and Affected Versions D-Link DWR-M920, DWR-M921, DWR-M960, DWR-M961, and DIR-825M versions 1.01.07 through 1.1.47 Description A security issue has been identified in D-Link routers, specifically affecting the models DWR-M920, DWR-M921, DWR-M960, DWR-M961, and...
CVE-2025-63468
Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the sub426EF8 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
EUVD-2025-37373
Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the sub426EF8 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-63468
Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the httphost parameter in the sub426EF8 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-63468
Totolink LR350, version 9.3.5u.6369_B20220309, has a stack overflow in the http_host handling within sub_426EF8. The vulnerability enables Denial of Service through a crafted request sent over the network. Public details consistently describe a stack-buffer/stack overflow without evidence of a fi...
EUVD-2014-3746
Malware in sbrugna...
EUVD-2008-4543
Malware in sbrugna...
EUVD-2019-16869
Malware in sbrugna...
EUVD-2017-7349
Malware in sbrugna...
EUVD-2022-30060
Malicious code in bioql PyPI...