CVE-2026-9360

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

CVE-2026-9360 Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

CVE-2026-9360 Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

PT-2026-42918

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.28a Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists in the formwlencrypt24g function within the '/goform/formwlencrypt24g' endpoint when manipulating...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a security vulnerability. This vulnerability stems from improper handling of the parameter “key1” by the formwlencrypt24g function in the component POST Request Handler...

D-Link DIR-816 安全漏洞

The D-Link DIR-816 is a wireless router produced by D-Link Corporation. The D-Link DIR-816 1.10CNB05 version has a security vulnerability. This vulnerability stems from incorrect handling of parameters key1/key2/key3/key4/pskValue in the file/goform/form2RepeaterStep2.cgi, which may lead to a sta...

PT-2026-20499

IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or DOM parameters to...

EUVD-2022-47141

Malicious code in bioql PyPI...

CVE-2022-44191

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2...

CVE-2022-44191

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2...

CVE-2022-44191

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2...

CVE-2018-20958

The Bluetooth Low Energy BLE subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcasted by the device...

CVE-2018-10736

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter...