83 matches found
Tenda AC6 缓冲区错误漏洞
The Tenda AC6 is a wireless router from the Chinese company Tenda. A stack overflow vulnerability exists in the Tenda AC6 SetPptpServerCfg function, which can be exploited by an attacker to cause arbitrary command execution...
CVE-2021-46393
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...
CVE-2021-46393
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by function sscanf without any security check,which causes stack...
CVE-2020-22724
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
Design/Logic Flaw
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
PPTP Server/Device Compromised
The remote PPTP Server/Device might have been compromised by an attacker or a worm. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as...
Serial number disclosure in the FortiOS PPTP server hostname protocol field
Fortigate PPTP service reveals serial number of FortiGate in the hostname field defined in connection control setup packets of PPTP protocol...
CVE-2017-15628
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...
CVE-2017-15637
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...
CVE-2017-15632
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...
CVE-2017-15623
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptpserver.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptpserver.lua file...
CVE-2017-15626
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptpserver.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...
CVE-2017-15624
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptpserver.lua file...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02039)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by injecting commands into the...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02031)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the new-mppeencryption variable of the...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02035)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the lcpechointerval variable of the pptpserver.lu...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02040)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. The vulnerability can be exploited by a remote attacker to execute arbitrary commands by injecting commands into the...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02026)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the pptphellointerval variable of the...