PT-2025-33133 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.10 Description: A vulnerability exists in the httpd component of D-Link DIR-825 version 2.10. The vulnerability is located in the get ping app stat function within the ping response.cgi file. Manipulation of the ping...

CVE-2025-7614

A vulnerability classified as critical has been found in TOTOLINK T6 4.1.5cu.748. Affected is the function delDevice of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ipAddr leads to command injection. It is possible to launch the attack...

TOTOLINK T6 注入漏洞

TOTOLINK T6 is a wireless dual-band router from China's TOTOLINK Electronics TOTOLINK that supports MQTT protocol and Telnet service. The TOTOLINK T6 suffers from a command injection vulnerability that originates from the failure of the function delDevice's parameter ipAddr to correctly filter...

CVE-2024-30568

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter...

CVE-2022-29322

D-Link DIR-816 A2v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip...

CVE-2024-57544

Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field lanipaddr is copied to the stack without length verification...

Linksys E8450 安全漏洞

The Linksys E8450 is an E-series wireless router from Linksys USA. A buffer overflow vulnerability exists in Linksys E8450 v1.2.00.360516, which originates when the lanipaddr parameter is copied to the stack without length validation, and can be exploited by a remote attacker to execute arbitrary...

PT-2024-10258 · Linksys · Linksys E8450

Name of the Vulnerable Software and Affected Versions: Linksys E8450 version 1.2.00.360516 Description: A buffer overflow issue was discovered, where the lan ipaddr field is copied to the stack without length verification. This could allow a remote attacker to cause a denial of service. The...

The vulnerability of D-Link DSL-2640U and DSL-2540U router microprogramming systems lies in the lack of measures to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.

The vulnerability of D-Link DSL-2640U and DSL-2540U router microprogramming systems lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands using metasymbols within the...

D-Link DAP-1325 lan_ipaddr stack buffer overflow vulnerability

D-Link DAP-1325 is a wireless access point/bridge made by D-Link, which is mainly used to extend the wireless network coverage, support the conversion of wired network to wireless network or connect to different wireless networks. The D-Link DAP-1325 suffers from a stack buffer overflow...

Malicious code in activemodel-ipaddr-validator (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-6464 Malicious code in activemodel-ipaddr-validator (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

CVE-2023-41190

D-Link DAP-1325 HNAP SetAPLanSettings IPAddr Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. Th...

NETGEAR R6850 c4-IPAddr Parameter Command Injection Vulnerability

The NETGEAR R6850 is a wireless router from NETGEAR. The NETGEAR R6850 suffers from a command injection vulnerability that stems from the c4-IPAddr parameter failing to properly filter constructed command special characters, commands, and so on. An attacker can exploit this vulnerability to cause...

CVE-2024-30568

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter...

CVE-2024-30568

Netgear R6850 router, firmware v1.1.0.88, is affected by a command injection vulnerability in the ping_test function triggered via the c4_IPAddr parameter. The issue arises because input is not properly validated/filtered, allowing an unauthenticated attacker to inject arbitrary system commands, ...

CVE-2024-30568

Netgear R6850 1.1.0.88 was discovered to contain a command injection vulnerability via the c4-IPAddr parameter...

CVE-2024-28447

Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lanipaddr parameters at /apply.cgi...

CVE-2024-2330

A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/index.php. The manipulation of the argument IPAddr leads to sql injection. It is possible to initiate the attack remotely. The...

kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c

A use-after-free flaw was found in reconnsetipaddrfromhostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server-hostname to NULL, leading to an invalid pointer request...