CVE-2026-9345

A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

PT-2026-35339

A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed an...

CVE-2026-5991

A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be...

Tenda AC9 安全漏洞

The Tenda AC9 is a wireless router produced by the Chinese company Tenda. Version 15.03.02.13 of the Tenda AC9 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/QuickIndex, specifically the parameter PPPoEPassword, which may lead ...

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime due to incomplete handling of the errors in TLS handshake. An attacker can cause the service to become unavailable by initiating multiple incomplete TLS handshakes, leading to resourc...

CVE-2026-26999 Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (slowloris doS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared befor...

CVE-2022-40619

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...

UTT Progressive 512W Buffer Overflow Vulnerability

The UTT Progress 512W is an enterprise-grade wireless router designed for small office or home office SOHO environments for network scenarios with up to 50 people. The UTT Progressive 512W suffers from a buffer overflow vulnerability that originates from the incorrect operation of the strcpy...

D-Link DIR600L 安全漏洞

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVE-2024-46340

TL-WR845NUNV4201214, TP-Link TL-WR845NUNV4200909, and TL-WR845NUNV4190219 was discovered to transmit user credentials in plaintext after executing a factory reset...

Tenda AX1806 安全漏洞

The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. The Tenda AX1806 suffers from a stack overflow vulnerability that stems from the iptv.city.vlan parameter in the function setIptvInfo containing a stack overflow. No detailed vulnerability details are provided at this time...

SyroTech SY-GPON-1110-WDONT 安全漏洞

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an information disclosure vulnerability that stems from a missing security flag in a session cookie associated with the router's web management interface. An attacker could exploit thi...

Tenda F1202 安全漏洞

The Tenda F1202 is an enterprise-grade dual-band wireless router that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1200Mbps, equipped with four 5dBi antennas to enhance signal coverage. The Tenda F1202 suffers from a buffer overflow vulnerability that stems from the...

Huawei NetEngine AR617VW Security Vulnerability

Huawei NetEngine AR617VW is a multifunction router from Huawei China. A security vulnerability exists in the Huawei NetEngine AR617VW, which stems from the presence of a command injection vulnerability that can be exploited by an attacker to gain elevated privileges...

GL.iNet AX1800 Security Vulnerability

The GL.iNet AX1800 is a wireless router from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet AX1800 that stems from a vulnerability that allows an attacker to execute arbitrary code with the specially crafted GLnassys authentication function...

TOTOLINK X2000R Gh formPortFw Method Buffer Overflow Vulnerability

TOTOLINK X2000R Gh is a WiFi 6 router from China's Gion Electronics TOTOLINK, which supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion. The TOTOLINK X2000R Gh suffers from a buffer overflow vulnerability that stems from the formPortFw method...

Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G 跨站请求伪造漏洞

The Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G is a mobile network wireless router from Guangzhou Tozed Kangwei Intelligent Technology. A security vulnerability exists in the Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G S10G3.11.6, which allows an attacker to take over a user'...

PT-2023-13901 · Realtek · Realtek Gpon Router

Name of the Vulnerable Software and Affected Versions: Realtek GPON router affected versions not specified Description: The issue is related to insufficient filtering for special characters in the Realtek GPON router. A remote attacker, who is authenticated as an administrator, can exploit this t...

H3C Magic NX18 Plus 缓冲区错误漏洞

The H3C Magic NX18 Plus is a Gigabit dual-band router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic NX18 Plus NX18PV100R003 version, which stems from a stack overflow in the EnableIpv6 method...