WAVLINK WN579X3 - Remote Command Execution

Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.cgi. id: CVE-2023-3380 info: name: WAVLINK WN579X3 - Remote Command Execution author: pussycat0x severity: critical description: | Remote Command Execution vulnerability in WAVLINK WN579X3 route...

EUVD-2023-40872

Malicious code in bioql PyPI...

The vulnerability of the web interface of D-Link DIR-300 and DIR-600 microprogrammed software routers allows a hacker to execute arbitrary commands.

The vulnerability of the web interfaces of D-Link DIR-300 and DIR-600 microprogrammed software routers is related to the failure to eliminate special elements used in the operating system’s processing of the pingIp parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVE-2013-10050

An OS command injection vulnerability exists in multiple D-Link routers confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13 via the authenticated toolsvct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid...

The vulnerability of the ping_test() function in the adm.cgi script of the Wavlink WL-WN530H4 router software allows a hacker to execute arbitrary commands.

The vulnerability of the pingtest function in the adm.cgi script of the Wavlink WL-WN530H4 router software is related to the lack of data cleaning at the control level when processing the pingIp parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2023-50991

Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service DoS via the pingIp parameter in the pingSet function...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2025-44868

Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the pingtest function of the adm.cgi via the pingIp parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

The vulnerability of the cgiPingSet() function (Program:/bin/httpd) in the Tenda W12 and i24 router microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the cgiPingSet function Program:/bin/httpd in the Tenda W12 and i24 router microprogramming systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVE-2020-8007

The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserver1, and pingip...

CVE-2020-8007

The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS command injection via three fields of the configuration menu for ntpserver0, ntpserver1, and pingip...

Tenda i29 安全漏洞

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a buffer overflow vulnerability that originates from the pingIp parameter in the pingSet function failing to properly validate the length of the input data, which can be exploited by a remote attacker to...

PT-2024-14039 · Tenda · Tenda I29

Name of the Vulnerable Software and Affected Versions: Tenda i29 versions 1.0 V1.0.0.2 through 1.0 V1.0.0.5 Description: The issue allows remote attackers to cause a denial of service DoS via the pingIp parameter in the pingSet function. This can lead to service disruption. Recommendations: For...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

Stack overflow

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

CVE-2023-36952

TOTOLINK CP300+ V5.2cu.7594B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg...

TOTOLINK CP300+ Buffer Error Vulnerability

The TOTOLINK CP300+ is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK CP300+ version V5.2cu.7594B20200910 and prior versions, which originates from the pingIp parameter in the function setDiagnosisCfg containing a stack overflow...

PT-2023-25752 · Totolink · Totolink Cp300+

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ version 5.2cu.7594 B20200910 Description: A stack overflow issue was discovered via the pingIp parameter in the setDiagnosisCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK CP300+ version...