
332 matches found

Positive Technologies
added 2025/01/10 12:0 a.m. · 5 views

PT-2026-3432

Name of the Vulnerable Software and Affected Versions: Totolink LR350 version 9.3.5u.6369 B20220309 Description: A flaw exists in the Totolink LR350 device. This issue is located within the setDiagnosisCfg function of the /cgi-bin/cstecgi.cgi file, part of the POST Request Handler component...

CVSS 8.8 · AI score 6.6 · EPSS 0.02714
Exploits: 1 · References: 10

Positive Technologies
added 2024/12/12 12:0 a.m. · 3 views

PT-2024-17010 · WordPress · Country Blocker

Name of the Vulnerable Software and Affected Versions: Country Blocker plugin for WordPress versions up to, and including, 3.2 Description: The issue is related to Reflected Cross-Site Scripting via the ip parameter due to insufficient input sanitization and output escaping. This allows...

CVSS 6.1 · AI score 6.7 · EPSS 0.00374
Exploits: 0 · References: 7

NVD
added 2024/11/21 9:46 a.m. · 11 views

CVE-2024-52755

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the hostip parameter in the ipsecroadasp function...

CVSS 4.9 · EPSS 0.00779
Exploits: 1 · References: 1

BDU FSTEC
added 2024/11/20 12:0 a.m. · 1 views

A vulnerability in the pppoe.cgi script of the NETGEAR XR300, R7000P, and R6400 v2 router firmware allows an attacker to cause a denial of service.

The vulnerability in the pppoe.cgi script of NETGEAR router firmware, including the XR300, R7000P, and R6400 v2 models, stems from a buffer overflow during processing of the pppoelocalip parameter. Exploiting this vulnerability allows an attacker to initiate a...

CVSS 5.7 · AI score 5.8 · EPSS 0.00292
Exploits: 0 · References: 3 · Affected Software: 3

OSV
added 2024/11/19 7:15 p.m. · 1 views

CVE-2024-52759

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function...

CVSS 9.8 · AI score 6.1 · EPSS 0.05217
Exploits: 1 · References: 2

OSV
added 2024/11/19 2:15 p.m. · 2 views

CVE-2024-52711

DI-8100 v16.07.26A1 is vulnerable to a buffer overflow in the ippositionasp function via the ip parameter...

CVSS 5.7 · AI score 5.8 · EPSS 0.00599
Exploits: 1 · References: 1

NVD
added 2024/11/19 2:15 p.m. · 14 views

CVE-2024-52711

DI-8100 v16.07.26A1 is vulnerable to a buffer overflow in the ippositionasp function via the ip parameter...

CVSS 5.7 · EPSS 0.00599
Exploits: 1 · References: 1

CVE
added 2024/11/19 12:0 a.m. · 51 views

CVE-2024-52711

CVE-2024-52711 affects the D-Link DI-8100 router (v16.07.26A1). The vulnerability is a Buffer Overflow in the ip_position_asp function triggered via the ip parameter, caused by insufficient validation of the input data length/size. Documented implications indicate potential denial of service due ...

CVSS 5.7 · AI score 7 · EPSS 0.00599
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2024/11/19 12:0 a.m. · 68 views

CVE-2024-52759

CVE-2024-52759 affects the D-LINK DI-8003, version 16.07.26A1, where a buffer overflow occurs in the ip_position_asp function triggered by the ip parameter. Public sources describe potential arbitrary code execution or denial of service vectors, with the NVD noting a CRITICAL severity (CVSSv3.1: ...

CVSS 9.8 · AI score 7.5 · EPSS 0.05217
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2024/11/19 12:0 a.m. · 15 views

CVE-2024-52759

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function...

EPSS 0.05217
Exploits: 1 · References: 2

Vulnrichment
added 2024/11/19 12:0 a.m. · 6 views

CVE-2024-52759

D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function...

AI score 8.1 · EPSS 0.05217
Exploits: 1 · References: 2

Cvelist
added 2024/11/15 3:44 p.m. · 17 views

CVE-2024-51495 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "overwriteip" parameter when editing a device. This vulnerability results i...

CVSS 4.8 · EPSS 0.00396
Exploits: 1 · References: 2

Snyk
added 2024/11/15 3:44 p.m. · 1 views

Cross-site Scripting (XSS)

Overview: librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the overwriteip parameter in dev-overview-data.inc.php. PoC: Pass in an overwriteip...

CVSS 5.4 · AI score 5.3 · EPSS 0.00396
Exploits: 1 · References: 2

Positive Technologies
added 2024/11/15 12:0 a.m. · 2 views

PT-2024-34659 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the overwrite ip parameter when editing a device. Th...

CVSS 7.5 · AI score 5.6 · EPSS 0.00396
Exploits: 1 · References: 9

NVD
added 2024/11/11 11:15 p.m. · 17 views

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

CVSS 9.8 · EPSS 0.0045
Exploits: 0 · References: 1

CNNVD
added 2024/11/11 12:0 a.m. · 1 views

Foundstone SuperScan security vulnerability

Foundstone SuperScan is a free connection-based port scanning software from Foundstone, Inc. A security vulnerability exists in Foundstone SuperScan v4.1 that stems from a buffer overflow via the Hostname/IP parameter...

CVSS 9.8 · AI score 7.2 · EPSS 0.0045
Exploits: 0 · References: 1

CVE
added 2024/11/11 12:0 a.m. · 63 views

CVE-2024-25254

CVE-2024-25254 affects SuperScan v4.1, with a buffer overflow via the Hostname/IP parameter. The issue is described as a critical/remote flaw impacting confidentiality, integrity, and availability (CVSS 9.8, Network vector). Remediation guidance across connected sources includes applying a patch ...

CVSS 9.8 · AI score 7.9 · EPSS 0.0045
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/11/11 12:0 a.m. · 9 views

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

AI score 8.1 · EPSS 0.0045
Exploits: 0 · References: 1

OSV
added 2024/11/05 3:15 p.m. · 3 views

CVE-2024-52025

Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pppoelocalip parameter at geniepppoe.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request...

CVSS 5.7 · AI score 5.8 · EPSS 0.00299
Exploits: 0 · References: 2

CNNVD
added 2024/10/30 12:0 a.m. · 2 views

ELADMIN security vulnerability

ELADMIN is a backend management system for elunez individual developers. A security vulnerability exists in ELADMIN v2.7 and earlier versions, which stems from a server-side request forgery in the HTTP Body ip parameter...

CVSS 6.5 · AI score 6.8 · EPSS 0.0042
Exploits: 1 · References: 1