CVE-2026-9477

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

CVE-2026-9477

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

EUVD-2026-31710

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

PT-2026-35378

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

CVE-2026-5153

CVE-2026-5153 concerns Tenda CH22 (v1.0.0.1). The flaw is in the function FormWriteFacMac of the file /goform/WriteFacMac. Manipulating the mac argument can lead to arbitrary command execution, potentially exploitable by an attacker over the network. The vulnerability description notes that the a...

CVE-2026-4554

A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the...

CVE-2026-2082

CVE-2026-2082 affects D-Link DIR-823X (build 250416). The flaw lies in the /goform/set_mac_clone path where manipulating the argument mac allows an os command injection due to an identified vulnerable function. This enables remote attackers to execute commands with high privileges; exploitation i...

EUVD-2026-5731

A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/setmacclone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used...

PT-2026-6900

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X 250416 that allows remote attackers to execute operating system commands. This is achieved by manipulating the mac argument within the /goform/set mac clone file throu...

CVE-2026-1506

A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /advmacfilter.php of the component MAC Filter Configuration. This manipulation of the argument mac causes os command injection. The attack is possible to be carried out remotely. The exploit has bee...

CVE-2025-14992

A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the...

CVE-2025-14992

A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the...

CVE-2025-14992 Tenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflow

A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. Remote exploitation of the...

EUVD-2025-199945

A vulnerability was found in ADSLR NBR1005GPEV2 250814-r037c. This issue affects the function setmeshdisconnect of the file /sendorder.cgi. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could b...

EUVD-2025-199941

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

PT-2025-48403

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c that allows for remote command injection. The issue is located within the ap macfilter del function of the /send order.cgi file. Manipulation ...

PT-2025-48401

Name of the Vulnerable Software and Affected Versions ADSLR NBR1005GPEV2 version 250814-r037c Description A flaw exists in ADSLR NBR1005GPEV2 250814-r037c. The issue is related to the ap macfilter add function within the /send order.cgi file. Manipulation of the mac argument can result in command...

CVE-2025-11549

A vulnerability has been found in Tenda W12 3.0.0.63948. The affected element is the function wifiMacFilterSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. The attack is possible to be carried out...

CVE-2025-11549

A vulnerability has been found in Tenda W12 3.0.0.63948. The affected element is the function wifiMacFilterSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. The attack is possible to be carried out...

EUVD-2025-26203

Malicious code in bioql PyPI...