CVE-2025-25427

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

The vulnerability of the Port Forwarding technology in the microprogramming software for D-Link DSL-2750U allows a attacker to execute XSS attacks.

The vulnerability of the Port Forwarding technology of D-Link DSL-2750U software lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks via the PortMappingDescription parameter...

PT-2024-7248 · D Link · D-Link Dsl-2750U

Name of the Vulnerable Software and Affected Versions: D-Link DSL-2750U version R5B017 Description: A vulnerability has been found in the Port Forwarding Page component of D-Link DSL-2750U. The manipulation of the PortMappingDescription argument leads to cross-site scripting. It is possible to...

USN-4542-1 miniupnpd vulnerabilities

It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. CVE-2019-12107 It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue...