
332 matches found

RedhatCVE
added 2025/05/22 6:26 p.m. · 6 views

CVE-2021-25812

Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with a POST request to /api/ZRQos/setonlineclient...

CVSS 9.8 · AI score 7.3 · EPSS 0.02809
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 3:16 p.m. · 5 views

CVE-2020-18013

SQL Injection vulnerability exists in Whatsns 4.0 via the ip parameter in index.php?adminbanned/add.htm...

CVSS 9.8 · AI score 7.6 · EPSS 0.01395
Exploits: 1

CNNVD
added 2025/05/20 12:0 a.m. · 3 views

PLANET FW-WGS-804HPT security vulnerability

Planet FW-WGS-804HPT is a wall mounted managed switch from Planet China. The Planet FW-WGS-804HPT suffers from a buffer overflow vulnerability that originates from the failure of the remoteip parameter in the websnmpv3remoteengineIdaddpost function to properly validate the length of the input dat...

CVSS 9.8 · AI score 8 · EPSS 0.00453
Exploits: 1 · References: 1

Cvelist
added 2025/05/20 12:0 a.m. · 10 views

CVE-2025-44891

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpv3hostaddpost function...

EPSS 0.00453
Exploits: 1 · References: 1

Vulnrichment
added 2025/05/20 12:0 a.m. · 7 views

CVE-2025-44890

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpnotifyv3addpost function...

AI score 7.8 · EPSS 0.00453
Exploits: 1 · References: 1

Positive Technologies
added 2025/04/20 12:0 a.m. · 3 views

PT-2025-22303 · Unknown · Fw-Wgs-804Hpt

Name of the Vulnerable Software and Affected Versions: FW-WGS-804HPT version 1.305b241111 Description: A stack overflow issue was discovered via the host ip parameter in the web snmp v3host add post function. Recommendations: For FW-WGS-804HPT version 1.305b241111, consider restricting access to...

CVSS 9.8 · AI score 6.5 · EPSS 0.00453
Exploits: 1 · References: 5

BDU FSTEC
added 2025/04/11 12:0 a.m. · 2 views

The vulnerability of the recvSlaveCloudCheckStatus() function in the microprogramming software for TOTOLINK T8 allows a hacker to execute arbitrary commands.

The vulnerability of the recvSlaveCloudCheckStatus function in the microprogramming software for TOTOLINK T8 routers is related to the lack of measures taken to clean data at the management level when processing the ip parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVSS 10 · AI score 8.1 · EPSS 0.02109
Exploits: 1 · References: 2 · Affected Software: 1

CNNVD
added 2025/04/07 12:0 a.m. · 4 views

Tenda AC7 security vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which is caused by improper handling of the pptpserverstartip/pptpserverendip parameters in the formSetPPTPServer function in the /goform/SetPptpServerCfg file...

CVSS 9 · AI score 8.2 · EPSS 0.05167
Exploits: 0 · References: 2

OSV
added 2025/04/01 2:15 p.m. · 2 views

CVE-2025-28398

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecnetasp function via the remotip parameter...

CVSS 7.1 · AI score 5.8 · EPSS 0.005
Exploits: 1 · References: 1

Cvelist
added 2025/04/01 12:0 a.m. · 8 views

CVE-2025-28395

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecroadasp function via the hostip parameter...

EPSS 0.005
Exploits: 1 · References: 1

CNNVD
added 2025/04/01 12:0 a.m. · 1 views

D-Link DI-8100 security vulnerability

The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 16.07.26A1, which originates from the failure of the remoteip parameter in the ipsecnetasp function t...

CVSS 7.1 · AI score 8.1 · EPSS 0.005
Exploits: 1 · References: 3

CNNVD
added 2025/04/01 12:0 a.m. · 2 views

D-Link DI-8100 security vulnerability

The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 16.07.26A1, which originates from the hostip parameter in the ipsecroadasp function failing to proper...

CVSS 7.1 · AI score 8.1 · EPSS 0.005
Exploits: 1 · References: 3

Cvelist
added 2025/04/01 12:0 a.m. · 9 views

CVE-2025-28398

D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsecnetasp function via the remotip parameter...

EPSS 0.005
Exploits: 1 · References: 1

OSV
added 2025/03/07 10:15 p.m. · 2 views

CVE-2025-2095

A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to initiate the attack remotely. The exploit has...

CVSS 9.8 · AI score 5.6 · EPSS 0.02481
Exploits: 1 · References: 5

OSV
added 2025/03/02 5:15 p.m. · 1 views

CVE-2025-1819

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lanip leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 9.8 · AI score 5.6
Exploits: 0 · References: 5

CNNVD
added 2025/02/19 12:0 a.m. · 3 views

WordPress plugin Subscribe2 cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 7.2 · AI score 8.3 · EPSS 0.00291
Exploits: 0 · References: 2

Patchstack
added 2025/02/18 3:21 p.m. · 3 views

WordPress Subscribe2 plugin <= 10.43 - Unauthenticated Stored Cross-Site Scripting via IP Parameter vulnerability

Unauthenticated Stored Cross-Site Scripting via IP Parameter vulnerability discovered by mikemyers in WordPress Plugin Subscribe2 versions <= 10.43...

CVSS 7.2 · AI score 5.8 · EPSS 0.00291
Exploits: 0 · References: 1 · Affected Software: 1

BDU FSTEC
added 2025/02/18 12:0 a.m. · 3 views

The vulnerability of the httpGetEnv() function (/userRpm/WanStaticIpV6CfgRpm.htm) in the TP-Link TL-WR841ND router software allows an attacker to cause a service failure.

The vulnerability of the httpGetEnv function /userRpm/WanStaticIpV6CfgRpm.htm in the TP-Link TL-WR841ND router software is related to buffer overflows caused by improper cleaning or resource release when processing the ip parameter. Exploiting this vulnerability allows a remote attacker to cause...

CVSS 6.8 · AI score 5.8 · EPSS 0.00482
Exploits: 1 · References: 3

RedhatCVE
added 2025/02/14 6:17 a.m. · 9 views

CVE-2024-34944

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient...

CVSS 8.8 · AI score 7.7 · EPSS 0.00423
Exploits: 0 · References: 1

RedhatCVE
added 2025/02/06 2:6 a.m. · 6 views

CVE-2022-25305

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the IP parameter found in the /includes/class-wp-statistics-ip.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when site...

CVSS 7.2 · AI score 6 · EPSS 0.81157
Exploits: 1 · References: 1