310 matches found
The vulnerability of the check_dws_cookie function in the /storage directory of the Tenda DAP-1520 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the checkdwscookie function in the /storage directory of the Tenda DAP-1520 router microprogramming system is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by using the host paramet...
The vulnerability of the formSysCmd function in the microprogramming software of the D-Link DIR-600L router allows a hacker to execute arbitrary commands.
The vulnerability of the formSysCmd function in the microprogramming system of the D-Link DIR-600L router is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the host parameter...
The vulnerability of the set_ws_action function in the /dws/api/ section of the Tenda DAP-1520 router’s software allows a hacker to execute arbitrary code.
The vulnerability of the setwsaction function in the /dws/api/ endpoint of the Tenda DAP-1520 router’s software is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by using the host parameter...
CVE-2022-34607
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp...
CVE-2021-35489
Thruk 2.40-2 allows /thruk/cgi-bin/extinfo.cgi?type=2=HOSTNAME=SERVICENAME=BACKEND Reflected XSS via the host or service parameter. An attacker could inject arbitrary JavaScript into extinfo.cgi. The malicious payload would be triggered every time an authenticated user browses the page containing...
The vulnerability of the formLogin function in the D-Link DIR-600L router’s software allows a hacker to execute arbitrary code.
The vulnerability of the formLogin function in the D-Link DIR-600L router microprogramming system is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by using the host parameter...
The vulnerability of the formWlSiteSurvey function in D-Link DIR-600L router microprogramming software allows a intruder to execute arbitrary code.
The vulnerability of the formWlSiteSurvey function in D-Link DIR-600L router microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code by using the ho...
The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-600L router allows a hacker to execute arbitrary code.
The vulnerability of the formSetWanL2TP function in the microprogramming software for D-Link DIR-600L router involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by using the host parameter...
The vulnerability of the formEasySetupWizard function in the D-Link DIR-600L router’s microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the formEasySetupWizard function in the D-Link DIR-600L router’s microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by using the host...
D-Link DIR-600L 安全漏洞
The D-Link DIR-600L is an entry-level wireless router from China's AUO D-Link that supports 150Mbps wireless transmission and four 100 megabit wired ports. The D-Link DIR-600L suffers from a buffer overflow vulnerability that stems from the parameter host of function formEasySetupWizard3 failing ...
D-Link DIR-600L 安全漏洞
The D-Link DIR-600L is an entry-level wireless router from China's AUO D-Link that supports 150Mbps wireless transmission and four 100 megabit wired ports. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the formSetWANWizard534 function...
D-Link DIR-600L 安全漏洞
The D-Link DIR-600L is an entry-level wireless router from China's AUO D-Link that supports 150Mbps wireless transmission and four 100 megabit wired ports. The D-Link DIR-600L suffers from a buffer overflow vulnerability that stems from the formWlSiteSurvey function parameter host failing to...
D-Link DIR-600L 安全漏洞
The D-Link DIR-600L is a wireless router from China-based AUO D-Link. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the function formEasySetupWizard that fails to correctly validate the length and size of the input data, which can be...
CVE-2025-4135
A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Affected by this issue is the function uigetinputvalue. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure...
NETGEAR WG302v2 注入漏洞
The NETGEAR WG302v2 is a wireless access point from NETGEAR. The NETGEAR WG302v2 suffers from a command injection vulnerability that stems from the uigetinputvalue function parameter host failing to properly filter constructor command special characters, commands, and so on. No details of the...
NETGEAR JWNR2000 安全漏洞
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the defaultversionisnew function parameter host failing to correctly validate the length of the input data, which can be exploited by an attacker to...
NETGEAR JWNR2000 注入漏洞
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a command injection vulnerability that stems from the cmdwireless function parameter host failing to properly filter constructor command special characters, commands, and so on. No details of the...
NETGEAR JWNR2000 安全漏洞
The NETGEAR JWNR2000v2 is a wireless router from NETGEAR. The NETGEAR JWNR2000v2 suffers from a buffer overflow vulnerability that originates from the getcurlangver function parameter host failing to correctly validate the length of the input data, which can be exploited by an attacker to execute...
Authorization Bypass
leantime/leantime is vulnerable to an Authorization Bypass. The vulnerability is due to missing authorization checks on the "Host" parameter, allowing an attacker to access another user's profile information by modifying the parameter...
The vulnerability of the getSaveConfig() function in TOTOLINK CP450 router microprogramming software allows a hacker to induce a service failure.
The vulnerability of the getSaveConfig function in TOTOLINK CP450 router microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the httphost parameter. Exploiting this vulnerability could allow a remote attacker to cause service...