Lucene search
K

42 matches found

CVE
CVE
added 2026/06/29 11:45 a.m.15 views

CVE-2026-13564

Summary: CVE-2026-13564 affects Edimax EW-7478APC firmware 1.04, specifically the POST Request Handler’s formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, enabling remote attacker access. Public exploit reportedly exists and the vendor did not ...

9CVSS7.9AI score0.00751EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38871

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

5.7AI score0.00508EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53003

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS0.00508EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.49 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

7.5CVSS0.00389EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/08 3:46 p.m.12 views

EUVD-2026-35171

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.4AI score0.00389EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:46 p.m.6 views

CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.3AI score0.00389EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47377

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the flow dissector where the processing of PPPoE Protocol Field Compression PFC frames can lead to a 4-byte misalignment of the network header. This misalignment cause...

9.1CVSS5.3AI score0.00457EPSS
Exploits1References68
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.10 views

Edimax BR-6675nD 安全漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a security vulnerability. This vulnerability stems from the formsetPPPoE function in the POST Request Handler component, where improper handling of the...

9CVSS7.8AI score0.00445EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

7.1CVSS5.9AI score0.08943EPSS
Exploits3References3
Microsoft CVE
Microsoft CVE
added 2025/12/24 9:2 a.m.6 views

netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

...

5.5CVSS5.4AI score0.00156EPSS
Exploits0
EUVD
EUVD
added 2025/10/05 6:30 p.m.7 views

EUVD-2025-32460

A flaw has been found in Belkin F9K1015 1.00.10. This affects an unknown part of the file /goform/formPPPoESetup. This manipulation of the argument pppUserName causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was...

9CVSS6.1AI score0.01002EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.9 views

PT-2025-40811

Name of the Vulnerable Software and Affected Versions Belkin F9K1015 version 1.00.10 Description A flaw exists in Belkin F9K1015 version 1.00.10 related to a buffer overflow. The issue is located in the file /goform/formPPPoESetup. Manipulation of the pppUserName argument causes the overflow...

9CVSS8.8AI score0.01002EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2025/08/09 5:29 p.m.10 views

CVE-2025-34150

The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges...

9.4CVSS8.2AI score0.01386EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/06 12:0 a.m.5 views

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a buffer overflow vulnerability that originates from the incorrect operation of the parameter pppUserName in the file /goform/formPPPoESetup, no details of the vulnerability are provided at this time...

9CVSS7.3AI score0.08751EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/02/05 1:16 a.m.4 views

CVE-2024-20327

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

7.4CVSS6.9AI score0.00336EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: netfilter: flowtable: incorrect pppoe tuple

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References5
OSV
OSV
added 2024/05/01 6:15 a.m.5 views

DEBIAN-CVE-2024-27015

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...

5.5CVSS5.6AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/05/01 6:15 a.m.3 views

DEBIAN-CVE-2024-27016

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access protocol field...

5.5CVSS5.4AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2024/05/01 6:15 a.m.8 views

AZL-42237 CVE-2024-27015 affecting package kernel for versions less than 5.15.158.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...

5.5CVSS6.8AI score0.00228EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.7 views

The vulnerability of the PPP over Ethernet (PPPoE) network gateway function in Cisco IOS XR operating systems allows a hacker to induce a service failure.

The vulnerability of the PPP over Ethernet PPPoE network gateway function in Cisco IOS XR operating systems is related to insufficient input data validation. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending specific PPPoE packets...

7.4CVSS7.2AI score0.00336EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder