CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...

CVE-2025-5000 Linksys FGW3000-AH/FGW3000-HK HTTP POST Request sysconf.cgi control_panel_sw command injection

A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function controlpanelsw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command...

CVE-2025-5000

CVE-2025-5000 impacts Linksys FGW3000-AH/HK (versions up to 1.0.17.000000). The vulnerability resides in the HTTP POST Request Handler, specifically the /cgi-bin/sysconf.cgi component, in the function control_panel_sw . Manipulating the filename argument in the POST request leads to command injec...

CVE-2025-4999

CVE-2025-4999 affects Linksys FGW3000-AH/HK (up to v1.0.17.000000). The HTTP POST Request Handler in /cgi-bin/sysconf.cgi contains function sub_4153FC; manipulating the argument supplicant_rnd_id_en triggers a remote command injection. Public exploit details exist; vendor has not responded to dis...

CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service

A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...

CVE-2025-4998 H3C Magic R200G HTTP POST Request aspForm EditWlanMacList denial of service

A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function EditBasicSSID/EditBasicSSID5G/SetAPWifiorLedInfoById/SetMobileAPInfoById/AspSetTimingtimeWifiAndLed/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList o...

CVE-2025-4998

Summary: CVE-2025-4998 affects H3C Magic R200G (versions up to 100R002). The issue resides in the HTTP POST Request Handler, specifically the /goform/aspForm component, where manipulating the parameter param in functions such as Edit_BasicSSID, Edit_BasicSSID_5G, SetAPWifiorLedInfoById, SetMobile...

CVE-2025-4997

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVE-2025-4997 H3C R2+ProG HTTP POST Request aspForm SetAPInfoById denial of service

A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/EditBasicSSID/EditGuestSSIDFor2P4G/EditBasicSSID5G/SetAPInfoById of the file /goform/aspForm of the componen...

CVE-2025-4997

CVE-2025-4997 affects H3C R2+ProG up to version 200R004. The HTTP POST Request Handler’s /goform/aspForm, specifically UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditMacList/Edit_BasicSSID/Edit_GuestSSIDFor2P4G/Edit_BasicSSID_5G/SetAPInfoById, handles the param argument insecurely, lea...

TOTOLINK A3002R/A3002RU Buffer Overflow Vulnerability

TOTOLINK A3002R and A3002RU are wireless router products under the TOTOLINK brand that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates in the /boafrm/formMapDel file in the HTTP POST request...

TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability (CNVD-2025-11996)

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU suffer from a buffer overflow vulnerability that stems from improper handling of the file /boafrm/formIpQoS in the HTTP POST request handler. No...

TOTOLINK A3002R and A3002RU Buffer Overflow Vulnerability

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a buffer overflow vulnerability that originates from incorrect manipulation of the /boafrm/formPortFw file of the component HTTP...

TOTOLINK A3002R and A3002RU Command Injection Vulnerability

The TOTOLINK A3002R and A3002RU are routers from TOTOLINK that support a wide range of network features and services. The TOTOLINK A3002R and A3002RU are vulnerable to a command injection vulnerability that originates from misuse of the /boafrm/formMapDelDevice file of the HTTP POST request...

Linksys FGW3000-AH 注入漏洞

The Linksys FGW3000-AH is a wireless router from Linksys, Inc. An injection vulnerability exists in Linksys FGW3000-AH version 1.0.17.000000 and earlier, which stems from improper handling of the parameter filename by the HTTP POST request handler, which could lead to command injection...

PT-2025-22296 · H3C · H3C R2+Prog

Name of the Vulnerable Software and Affected Versions: H3C R2+ProG versions up to 200R004 Description: A problematic issue was found in the HTTP POST Request Handler component, specifically in the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit BasicSSID/Edit...

PT-2025-22308 · H3C · H3C Magic R200

Name of the Vulnerable Software and Affected Versions: H3C Magic R200G versions up to 100R002 Description: A vulnerability has been found in the HTTP POST Request Handler component, specifically affecting the function Edit BasicSSID, Edit BasicSSID 5G, SetAPWifiorLedInfoById, SetMobileAPInfoById,...

CVE-2025-4832

A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-4831

A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...