CVE-2025-50667

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wanlinedetection.asp endpoint...

EUVD-2025-209357

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wanlinedetection.asp endpoint...

PT-2026-31399

CVE-2025-50667 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan line detection.asp endpoint. https://t.co/MbzrevF8n3...

CVE-2025-50667

CVE-2025-50667 affects D-Link DI-8003 firmware 16.07.26A1. The vulnerability is a buffer overflow caused by improper handling of the iface parameter in the /wan_line_detection.asp endpoint. The available documents identify the affected product, firmware version, and the vulnerable operation, but ...

Command Injection

Overview systeminformation is a simple system and OS information library. Affected versions of this package are vulnerable to Command Injection via the wifiNetworks function. Although the iface parameter is sanitized, it is passed unsanitized to execSync when a timeout triggers a retry. An attack...

CVE-2021-33357

A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/getnetcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands...

CVE-2024-41314

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the iface parameter in the vifdisable function...

CVE-2025-45493

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the actionbandwidth function...

CVE-2025-45493

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the actionbandwidth function...

CVE-2025-45493

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the actionbandwidth function...

CVE-2025-45493

Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the actionbandwidth function...

CVE-2025-45493

Summary: CVE-2025-45493 affects Netgear EX8000 with firmware v1.0.0.126, where the iface parameter in the action_bandwidth function can cause a Command Injection . Affected product/firmware: Netgear EX8000 V1.0.0.126 (firmware form factor cited across documents). Root cause (as stated): flaw in t...

PT-2025-52766

Name of the Vulnerable Software and Affected Versions Netgear EX8000 version 1.0.0.126 Description The Netgear EX8000 Mesh Extender firmware version 1.0.0.126 contains a Command Injection issue. This occurs due to a flaw in the action bandwidth function, specifically through manipulation of the...

NETGEAR EX8000 安全漏洞

NETGEAR EX8000 is a wireless network signal extender from NETGEAR. A security vulnerability exists in NETGEAR EX8000 version V1.0.0.126, which originates from a command injection in the iface parameter of the actionbandwidth function...

D-Link DI-7100G C1 Command Injection Vulnerability

The D-Link DI-7100G C1 is an enterprise-class router from D-Link, designed for small and medium-sized businesses. The D-Link DI-7100G C1 suffers from a command injection vulnerability that originates from the parameter iface in the file /mspinfo.htm?flag=qos that fails to correctly filter...

CVE-2025-11335

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub46409C of the file /mspinfo.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out...

CVE-2025-11335

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub46409C of the file /mspinfo.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out...

CVE-2025-11335 D-Link DI-7100G C1 jhttpd msp_info.htm sub_46409C command injection

A weakness has been identified in D-Link DI-7100G C1 up to 20250928. Affected by this vulnerability is the function sub46409C of the file /mspinfo.htm?flag=qos of the component jhttpd. This manipulation of the argument iface causes command injection. The attack is possible to be carried out...

D-Link DI-7100G 命令注入漏洞

The D-Link DI-7100G C1 is an enterprise-class router from D-Link, designed for small and medium-sized businesses. The D-Link DI-7100G C1 suffers from a command injection vulnerability that originates from the parameter iface in the file /mspinfo.htm?flag=qos that fails to correctly filter...

EUVD-2025-13611

Malicious code in bioql PyPI...