CVE-2026-4172

A vulnerability was detected in TRENDnet TEW-632BRP 1.010B32. This affects an unknown part of the file /pingresponse.cgi of the component HTTP POST Request Handler. The manipulation of the argument pingipaddr results in stack-based buffer overflow. The attack may be performed from remote. The...

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

PLDT WiFi Router Prolink PGN6401V 安全漏洞

PLDT WiFi Router Prolink PGN6401V is a router from PLDT Philippines. A security vulnerability exists in PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2, which stems from insufficient cleanup of the pingAddr parameter in the ping6.asp page, which could lead to OS command injection...

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

CVE-2025-8949 D-Link DIR-825 httpd ping_response.cgi get_ping_app_stat stack-based overflow

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

5V Technologies Blue Angel Software Suite 操作系统命令注入漏洞

5V Technologies Blue Angel Software Suite is a management and control software suite deployed on embedded Linux devices from 5V Technologies, Taiwan, China. A security vulnerability exists in 5V Technologies Blue Angel Software Suite that originates from an OS command injection attack due to an...

CVE-2024-51186

D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution RCE vulnerability via the pingaddr parameter in the pingv4 and pingv6 functions...

D-Link DIR-820L Code Execution Vulnerability

The D-Link DIR-820L is a dual-band wireless router from China's AUO D-Link. The D-Link DIR-820L suffers from a code execution vulnerability that stems from the pingaddr parameter in the pingv4 and pingv6 functions failing to properly filter the special elements of the constructed code segment. An...

CVE-2024-51186

D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution RCE vulnerability via the pingaddr parameter in the pingv4 and pingv6 functions...

D-Link DIR-820L 安全漏洞

The D-Link DIR-820L is a dual-band wireless router from China's AUO D-Link. The D-Link DIR-820L suffers from a code execution vulnerability that stems from the pingaddr parameter in the pingv4 and pingv6 functions failing to properly filter the special elements of the constructed code segment. An...

PT-2024-8854 · D Link · D-Link Dir-820L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-820L version 1.05b03 Description: The issue is related to the ping v4 and ping v6 functions in the D-Link DIR-820L router's firmware, which fails to properly sanitize data when handling the ping addr parameter. This can allow a...

The vulnerability of the ping.cgi script in NETGEAR DGN2200 router’s embedded software allows a hacker to execute arbitrary commands and gain full control over the device.

The vulnerability of the ping.cgi script in NETGEAR DGN2200 router software exists because measures to neutralize specific elements used in the operating system command have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands on th...

The vulnerability of the ping.ccp component of the D-Link DIR820LA1 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the ping.ccp component of the D-Link DIR820LA1 router’s microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary...

CVE-2022-30425

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...

CVE-2022-30425

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request...

The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.

The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...

The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.

The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...

The vulnerability of D-Link and TRENDnet’s microprogrammed router services allows attackers to execute arbitrary commands or bypass authentication mechanisms, thereby gaining full control over the device.

The vulnerability of D-Link and TRENDnet’s microprogrammed router software services is related to deficiencies in the authentication process when processing the ping command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the pingaddr parameter...