10 matches found
EUVD-2026-27586
In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...
EUVD-2025-16738
Malicious code in bioql PyPI...
TOTOLINK A3002RU NAT Mapping Page Component Cross-Site Scripting Vulnerability
TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. The TOTOLINK A3002RU suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the NAT Mapping Page component parameter Comment, for...
CVE-2025-5506
The CVE-2025-5506 entry affects TOTOLINK A3002RU (firmware 2.1.1-B20230720.1011) in the NAT Mapping Page component. The vulnerability stems from manipulation of the Comment parameter, enabling cross-site scripting (XSS). It is exploitable remotely and reportedly had an exploit disclosed publicly....
CVE-2025-5506 TOTOLINK A3002RU NAT Mapping Page cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5506 TOTOLINK A3002RU NAT Mapping Page cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
PT-2025-23633 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20230720.1011 Description: A vulnerability was found in the NAT Mapping Page component of the affected software. The issue is related to the manipulation of the Comment argument, which leads to cross-site...
NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...
New SnailLoad Attack Exploits Network Latency to Spy on Users' Web Activities
A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user's web activity. "SnailLoad exploits a bottleneck present on all Internet connections," the researchers said in a study...
TP-LINK TL-7DR5130 Security Vulnerability
TP-LINK TL-7DR5130 is a wireless router from China P&L TP-LINK. A security vulnerability exists in TP-LINK TL-7DR5130 v1.0.23, which stems from vulnerability to TCP DoS or hijacking attacks, where an attacker can evict the NAT mapping in the router by sending a forged TCP RST message to disconnec...