Lucene search
K

9088 matches found

NVD
NVD
added 2026/06/03 6:16 p.m.14 views

CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

8.8CVSS0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 6:16 p.m.16 views

CVE-2026-36603

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabled by default through the admin interface, allowing any unauthenticated LAN device to create arbitrary...

8.1CVSS0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.13 views

PT-2026-45990

Name of the Vulnerable Software and Affected Versions Mercusys AC12G EU V1 version AC12GEU V1 200909 Description The UPnP GetStatusInfo action discloses kernel memory layout. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, which reveals the kernel...

4.3CVSS5.5AI score0.00166EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2026/06/03 12:0 a.m.16 views

VulnCheck KEV: CVE-2021-27137

DD-WRT router firmware before changeset 45723 contains a stack buffer overflow vulnerability in the UPnP service that allows remote attackers to execute arbitrary code by sending specially crafted M-SEARCH requests with oversized ST:uuid values via UDP port 1900. Attackers can exploit this...

6.4AI score
In wildExploits1References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.11 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from UPnP AddPortMapping accepting internal IP addresses, which may allow unauthenticated LAN attackers to...

8.8CVSS5.3AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version released in September 2009 contained security vulnerabilities. These vulnerabilities were caused by the UPnP GetStatusInfo operation, which disclosed the kernel...

4.3CVSS5.4AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.14 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. There are security vulnerabilities in the Mercusys AC12G EU V1 and Mercusys AC12G EU V1 version released in September 2009. These vulnerabilities stem from the UPnP port 1900, where POST requests are receive...

7.3CVSS5.4AI score0.00231EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:0 a.m.19 views

EUVD-2026-34142

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabled by default through the admin interface, allowing any unauthenticated LAN device to create arbitrary...

5.9AI score0.00211EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-45996

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the...

8.8CVSS5.8AI score0.00181EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:0 a.m.17 views

CVE-2026-36603

Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) is affected by a UPnP IGD issue: 15 of 18 UPnP actions are exposed without authentication on port 1900, with UPnP enabled by default via the admin interface. This allows any unauthenticated LAN device to create arbitrary port forwarding...

8.1CVSS5.9AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 12:0 a.m.31 views

CVE-2026-36602

CVE-2026-36602 affects the Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909. The issue arises in UPnP GetStatusInfo handling, which discloses kernel memory layout. An unauthenticated attacker on an adjacent network can obtain a raw MIPS KSEG0 kernel pointer, exposing kernel memory ...

4.3CVSS5.8AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 3:16 a.m.17 views

CVE-2026-3870

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 2:4 a.m.8 views

CVE-2026-3871

A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS6AI score0.00168EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 1:54 a.m.14 views

EUVD-2026-33873

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS6AI score0.00168EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 1:54 a.m.12 views

CVE-2026-3870

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS6AI score0.00168EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45689

A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS6AI score0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45688

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

6.5CVSS6AI score0.00168EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Zyxel VMG4005-B50B 安全漏洞

The Zyxel VMG4005-B50B is a VDSL2/ADSL2+ broadband modem produced by the Chinese company Zyxel. The firmware version 5.13ABRL.5.4C0 and earlier contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the UPnP AddPortMapping command, which could allow adjacent...

6.5CVSS5.9AI score0.00168EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Zyxel VMG4005-B50B 安全漏洞

Zyxel VMG4005-B50B is a network device firmware designed for managing the network functions and configurations of Zyxel VMG4005-B50B router devices. There is a buffer overflow vulnerability present in Zyxel VMG4005-B50B. This vulnerability stems from the UPnP DeletePortMapping command failing to...

6.5CVSS6.2AI score0.00168EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.12 views

Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models LLMs excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning SFT and Reinforcement Learning RL, typically apply coarse-grained optimizati...

5.9AI score
Exploits0
Rows per page
Query Builder