Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.6 views

CVE-2026-7674

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 3:16 a.m.13 views

CVE-2026-7675

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function startlan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been...

9CVSS0.00702EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/03 2:30 a.m.6 views

CVE-2026-7675

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function startlan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been...

9CVSS7.6AI score0.00702EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/03 2:30 a.m.12 views

EUVD-2026-26809

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function startlan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been...

9CVSS6.1AI score0.00702EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/03 2:30 a.m.38 views

CVE-2026-7675 Shenzhen Libituo Technology LBT-T300-HW1 apply.cgi start_lan buffer overflow

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function startlan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been...

9CVSS0.00702EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/03 2:30 a.m.8 views

CVE-2026-7675 Shenzhen Libituo Technology LBT-T300-HW1 apply.cgi start_lan buffer overflow

A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function startlan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been...

9CVSS7.6AI score0.00702EPSS
Exploits0References5
CVE
CVE
added 2026/05/03 2:30 a.m.23 views

CVE-2026-7675

CVE-2026-7675 affects Shenzhen Libituo Technology LBT-T300-HW1 devices older than or equal to 1.2.8. The vulnerability is in the function start_lan of the file /apply.cgi , where manipulation of the argument Channel/ApCliSsid leads to a buffer overflow . The issue is exploitable remotely, and pub...

9CVSS7.6AI score0.00702EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/03 1:30 a.m.3 views

CVE-2026-7674

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/03 1:30 a.m.6 views

CVE-2026-7674 Shenzhen Libituo Technology LBT-T300-HW1 Web Management start_single_service buffer overflow

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS
Exploits0References5
CVE
CVE
added 2026/05/03 1:30 a.m.21 views

CVE-2026-7674

Affects Shenzhen Libituo Technology LBT-T300-HW1 (firmware up to 1.2.8). The Web Management Interface’s start_single_service function is vulnerable when handling vpn_pptp_server/vpn_l2tp_server arguments, enabling a remote buffer overflow. No remediation or patch details are provided in the docum...

9CVSS7.6AI score0.00481EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.15 views

PT-2026-36676

Name of the Vulnerable Software and Affected Versions Shenzhen Libituo Technology LBT-T300-HW1 versions prior to 1.2.8 Description A remote buffer overflow can occur due to the manipulation of the Channel/ApCliSsid argument in the start lan function within the '/apply.cgi' endpoint. A buffer...

9CVSS7.7AI score0.00702EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.9 views

PT-2026-36673

Name of the Vulnerable Software and Affected Versions Shenzhen Libituo Technology LBT-T300-HW1 versions prior to 1.2.8 Description A buffer overflow exists in the Web Management Interface component. A remote attacker can trigger this issue by manipulating the vpn pptp server or vpn l2tp server...

9CVSS7.5AI score0.00481EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/07/31 12:0 a.m.4 views

MB connect line mbNET 安全漏洞

MB Connect Line mbNET is an industrial router from MB Connect Line, Germany. A security vulnerability exists in MB connect line mbNET HW1 and mbNET/mbNET.rokey, which stems from an undocumented method of bypassing the LUA sandbox and could lead to the execution of arbitrary OS commands...

7.2CVSS7AI score0.0064EPSS
Exploits0References2
NVD
NVD
added 2023/10/11 4:15 p.m.33 views

CVE-2023-34356

An OS command injection vulnerability exists in the data.cgi xferdns functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS7.6AI score0.05513EPSS
Exploits1References2
OSV
OSV
added 2023/10/11 4:15 p.m.5 views

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

5.4CVSS7.4AI score0.0081EPSS
Exploits1References2
OSV
OSV
added 2023/10/11 4:15 p.m.4 views

CVE-2023-34356

An OS command injection vulnerability exists in the data.cgi xferdns functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS7.3AI score0.05513EPSS
Exploits1References2
NVD
NVD
added 2023/10/11 4:15 p.m.23 views

CVE-2023-35194

An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerabilit...

8.8CVSS7.7AI score0.05604EPSS
Exploits1References2
NVD
NVD
added 2023/10/11 4:15 p.m.37 views

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

5.4CVSS4.4AI score0.0081EPSS
Exploits1References2
Prion
Prion
added 2023/10/11 4:15 p.m.19 views

Command injection

An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

6.5CVSS8.8AI score0.05913EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/10/11 4:15 p.m.19 views

Command injection

An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerabilit...

6.5CVSS8.8AI score0.05604EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder