1840 matches found
CVE-2025-4834
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an unknown function of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow...
CVE-2025-4999
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicantrndiden leads to...
CVE-2025-4998
A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...
CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...
CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection
A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...
CVE-2025-4999
CVE-2025-4999 affects Linksys FGW3000-AH/HK (up to v1.0.17.000000). The HTTP POST Request Handler in /cgi-bin/sysconf.cgi contains function sub_4153FC; manipulating the argument supplicant_rnd_id_en triggers a remote command injection. Public exploit details exist; vendor has not responded to dis...
CVE-2025-4998
Summary: CVE-2025-4998 affects H3C Magic R200G (versions up to 100R002). The issue resides in the HTTP POST Request Handler, specifically the /goform/aspForm component, where manipulating the parameter param in functions such as Edit_BasicSSID, Edit_BasicSSID_5G, SetAPWifiorLedInfoById, SetMobile...
CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service
A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...
CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service
A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...
CVE-2025-4997
CVE-2025-4997 affects H3C R2+ProG up to version 200R004. The HTTP POST Request Handler’s /goform/aspForm, specifically UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById, handles the param argument insecurely, lea...
CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service
A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...
TOTOLINK A3002R and A3002RU Command Injection Vulnerability
The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a command injection vulnerability that originates from misuse of the /boafrm/formMapDelDevice file of the HTTP POST request...
TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability (CNVD-2025-11996)
The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU suffer from a buffer overflow vulnerability that stems from improper handling of the file /boafrm/formIpQoS in the HTTP POST request handler. No...
PT-2025-22308 · H3C · H3C Magic R200
Name of the Vulnerable Software and Affected Versions: H3C Magic R200G versions up to 100R002 Description: A vulnerability has been found in the HTTP POST Request Handler component, specifically affecting the function Edit BasicSSID, Edit BasicSSID 5G, SetAPWifiorLedInfoById, SetMobileAPInfoById,...
TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability
The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates from incorrect manipulation of the /boafrm/formPortFw file of the component HTTP...
TOTOLINK A3002R/A3002RU Buffer Overflow Vulnerability
TOTOLINK A3002R and A3002RU are wireless router products under the TOTOLINK brand that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates in the /boafrm/formMapDel file in the HTTP POST request...
PT-2025-22296 · H3C · H3C R2+Prog
Name of the Vulnerable Software and Affected Versions: H3C R2+ProG versions up to 200R004 Description: A problematic issue was found in the HTTP POST Request Handler component, specifically in the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit BasicSSID/Edit...
CVE-2025-4832
A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
CVE-2025-4831
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
CVE-2025-4830
A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this issue is some unknown functionality of the file /boafrm/formSysCmd of the component HTTP POST Request Handler. The manipulation of the argument submit-url...