Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36 matches found

CVE
CVEadded 2026/02/22 2:32 a.m.7 views

CVE-2026-2910

CVE-2026-2910 affects the Tenda HG9 line, specifically versions prior to 300001139. The vulnerability resides in the file /boaform/formPing6, where manipulating the pingAddr argument triggers a stack-based overflow. It can be exploited remotely, and an exploit has been published. Remediation: upg...

9CVSS8.6AI score0.00154EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/09 10:6 a.m.4 views

CVE-2019-20075

On Netis DL4323 devices, pingrttv6.html has XSS Ping6 Diagnostic...

6.1CVSS6.1AI score0.00522EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-26602

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.02694EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-7533

Malicious code in bioql PyPI...

4.8CVSS4AI score0.00168EPSS
Exploits0References3
OSV
OSVadded 2025/09/06 3:15 p.m.0 views

CVE-2025-10034

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS6.2AI score
Exploits0References5
CVE
CVEadded 2025/09/06 2:32 p.m.14 views

CVE-2025-10034

D-Link DIR-825 1.08.01 is affected in the httpd component (ping6_response.cg) via get_ping6_app_stat; manipulating the ping6_ipaddr parameter triggers a buffer overflow. The flaw enables remote exploitation and is documented as already public. The vulnerability affects products no longer supporte...

9.8CVSS8.7AI score0.0029EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2025/09/06 2:32 p.m.1 views

CVE-2025-10034 D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function getping6appstat of the file ping6response.cg of the component httpd. Performing manipulation of the argument ping6ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

9CVSS8.8AI score0.0029EPSS
Exploits1References5
OSV
OSVadded 2025/09/03 4:15 p.m.0 views

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

5.3CVSS5.9AI score0.02694EPSS
Exploits1References2
NVD
NVDadded 2025/09/03 4:15 p.m.2 views

CVE-2025-56498

An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit...

5.3CVSS0.02694EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/09/03 12:0 a.m.1 views

PLDT WiFi Router Prolink PGN6401V 安全漏洞

PLDT WiFi Router Prolink PGN6401V is a router from PLDT Philippines. A security vulnerability exists in PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2, which stems from insufficient cleanup of the pingAddr parameter in the ping6.asp page, which could lead to OS command injection...

5.3CVSS6.9AI score0.02694EPSS
Exploits1References3
CVE
CVEadded 2025/09/03 12:0 a.m.10 views

CVE-2025-56498

The CVE-2025-56498 entry concerns the PLDT WiFi Router Prolink PGN6401V (Firmware 8.1.2) web management interface. The vulnerability resides in the ping6.asp page, where the pingAddr parameter is sent to /boaform/formPing6 without proper sanitization, enabling an authenticated attacker to inject ...

5.3CVSS7.2AI score0.02694EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/09/03 12:0 a.m.3 views

PT-2025-35785

Name of the Vulnerable Software and Affected Versions: PLDT WiFi Router Prolink PGN6401V Firmware version 8.1.2 Description: An OS command injection flaw exists in the web management interface. The ping6.asp page submits user input to the /boaform/formPing6 API endpoint via the pingAddr parameter...

5.3CVSS6.9AI score0.02694EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/08/29 12:0 a.m.2 views

PT-2025-36373

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 1.08.01 Description: A buffer overflow issue exists in the httpd component of D-Link DIR-825. The get ping6 app stat function within the ping6 response.cg file is affected. Manipulation of the ping6 ipaddr argument can...

9CVSS8.8AI score0.0029EPSS
Exploits1References13
OSV
OSVadded 2025/08/25 4:15 p.m.1 views

CVE-2025-29523

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function...

7.2CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2025/08/25 4:15 p.m.3 views

CVE-2025-29523

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function...

7.2CVSS0.00958EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/08/25 12:0 a.m.2 views

CVE-2025-29523

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function...

7.7AI score0.00958EPSS
Exploits1References2
CVE
CVEadded 2025/08/25 12:0 a.m.13 views

CVE-2025-29523

CVE-2025-29523 affects the D-Link DSL-7740C modem with firmware DSL7740C.V6.TR069.20211230. Root cause: the ping6 function fails to properly filter constructed command characters, enabling arbitrary command execution via command injection. Impact per sources: high severity (CVSS 3.1: 7.2), networ...

7.2CVSS8.3AI score0.00958EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVEadded 2025/03/14 9:2 a.m.6 views

CVE-2025-2191

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

4.8CVSS3.4AI score0.00168EPSS
Exploits0References1
NVD
NVDadded 2025/03/11 12:15 p.m.6 views

CVE-2025-2191

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

4.8CVSS0.00168EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/03/11 12:0 p.m.4 views

CVE-2025-2191 Claro A7600-A1 Ping6 Diagnóstico form2pingv6.cgi cross site scripting

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

4.8CVSS3.4AI score0.00168EPSS
Exploits0References3
Rows per page
Query Builder