CVE-2025-7524

A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...

PT-2025-29475 · Totolink · Totolink T6

Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical vulnerability exists in the HTTP POST Request Handler component of TOTOLINK T6. The vulnerability is due to command injection in the clearPairCfg function within the /cgi-bin/cstecgi.cgi...

PT-2025-29473 · Totolink · Totolink T6

Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 Description: A critical issue exists in TOTOLINK T6 version 4.1.5cu.748. The vulnerability is located within the CloudSrvVersionCheck function of the /cgi-bin/cstecgi.cgi file, part of the HTTP POST Request...

CVE-2025-7505

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-7506

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...

CVE-2025-7506 Tenda FH451 HTTP POST Request Natlimit fromNatlimit stack-based overflow

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can ...

CVE-2025-7468

A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attac...

CVE-2025-7465

A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can ...

CVE-2025-7463

A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP POST Request Handler. The manipulation of the argument mitssid leads to buffer overflow. The atta...

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

PT-2025-29349 · Tenda · Tenda Fh451

Name of the Vulnerable Software and Affected Versions: Tenda FH451 version 1.0.0.9 Description: A critical vulnerability exists in Tenda FH451. The manipulation of the page argument in the frmL7ProtForm function within the HTTP POST Request Handler, located at the /goform/L7Prot endpoint, leads t...

PT-2025-29314 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the HTTP POST Request Handler component of the affected product. The fromSafeUrlFilter function within the /goform/fromSafeUrlFilter file is susceptible to a buffer...

PT-2025-29309 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The fromRouteStatic function within the HTTP POST Request Handler, located in the file /goform/fromRouteStatic, is susceptible to a buffer overflo...

PT-2025-29307 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A critical vulnerability exists in the Tenda FH1201. The vulnerability affects the formWrlsafeset function within the /goform/AdvSetWrlsafeset file of the HTTP POST Request Handler component...

CVE-2025-6953

A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is...

CVE-2025-6940

A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflo...

CVE-2025-6939

A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

DLink DIR-859 1.05 & 1.06B01 Path Traversal

The version of DLink installed on the remote host is prior to 1.07b03. It is, therefore, affected by a path traversal vulnerability as referenced in the vendor advisory. - A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown...

CVE-2025-6824

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible ...

CVE-2025-6751

A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function setdevicelanguage of the file portal.cgi of the component HTTP POST Request Handler. The manipulation of the argument dutlanguage leads to buffer overflow. It is possible t...