13 matches found
CVE-2024-39762
Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...
EUVD-2024-38356
Malicious code in bioql PyPI...
Linksys多款产品 命令注入漏洞
The Linksys RE6250, among others, is a wireless extender from Linksys USA. A command injection vulnerability exists in various Linksys products. The vulnerability stems from improper manipulation of the staticIp and staticNetmask parameters by the RPsetBasicAuto function, which may result in os...
PT-2025-32503 · Linksys · Linksys Re9000 +5
Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions up to 20250801 Description: A vulnerability exists due to os command injection. The RP setBasicAuto function within the /goform/RP setBasicAuto file is affected. Manipulation ...
CVE-2025-25896
A buffer overflow vulnerability was discovered in D-Link DSL-3782 v1.01 via the destination, netmask, and gateway parameters. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...
D-Link DSL-3782 安全漏洞
The D-Link DSL-3782 is a wireless router from Taiwan, China-based D-Link. The D-Link DSL-3782 suffers from a buffer overflow vulnerability that originates in the destination, netmask, and gateway parameters, which can be exploited by an attacker to cause a denial of service...
D-Link DSL-3782 安全漏洞
The D-Link DSL-3782 is a wireless router from China-based AUO D-Link. The D-Link DSL-3782 suffers from a buffer overflow vulnerability that originates in the destination, netmask and gateway parameters, which can be exploited by an attacker to cause a denial of service...
PT-2025-7110 · D Link · D-Link Dsl-3782
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 version 1.01 Description: A buffer overflow issue was discovered via the destination, netmask, and gateway parameters. This issue allows attackers to cause a Denial of Service DoS via a crafted packet. Recommendations: For...
WAVLINK AC3000 internet.cgi set_add_routing function netmask parameter command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the netmask parameter of the internet.cgi setaddrouting function failing to correctly filter constructed command special...
CVE-2024-39762
Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...
WAVLINK AC3000 命令注入漏洞
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the netmask parameter of the internet.cgi setaddrouting function failing to correctly filter constructed command special...
CVE-2024-52028
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptpusernetmask parameter at wizpptp.cgi. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2024-28446
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini1 v1.2.9 was discovered to contain a buffer overflow via lannetmask parameter at /apply.cgi...