PT-2026-32147

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU router, specifically within the CGI Handler component. Manipulation of the proto argument in the setNetworkCfg function of the...

CVE-2025-45057

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ippositionasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2019-25417

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

CVE-2019-25417

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

CVE-2019-25417

The CVE concerns Comodo Dome Firewall 2.7.0 with a reflected cross-site scripting flaw in the QoS rules management endpoint. Attackers can submit crafted input in the protocol parameter via POST requests, causing JavaScript to execute in administrator browsers. Root cause: input reflected into a ...

CVE-2019-25417 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via QoS Rules

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

CVE-2019-25417

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

CVE-2019-25417 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via QoS Rules

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

PT-2026-20820

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. Attackers can send POST requests to the QoS rules management endpoint with JavaScript payloads in the protoco...

CVE-2025-29228

CVE-2025-29228 affects Linksys E5600 router firmware (V1.1.0.26). The vulnerability is a command injection in the runtime.macClone function triggered via the mc.ip parameter, with the exploitability implied as network-based and high impact (per the CVSS 3.1 metrics: AV:N, AC:L, PR:N, UI:N, S:U, C...

CVE-2025-34302

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting XSS vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the PROT parameter when creating a new service. When a user adds a service, the application issues an HTTP POST...

D-Link DSL-3782 安全漏洞

The D-Link DSL-3782 is a wireless router from Taiwan, China-based D-Link. The D-Link DSL-3782 suffers from an OS command injection vulnerability that originates from the inIP, insPort, inePort, exsPort, exePort, and protocol parameters, which can be exploited by an attacker to execute arbitrary...

CVE-2024-25254

SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter...

CVE-2024-46676 nfc: pn533: Add poll mod list filling check

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of improtocols value is 1 and tmprotocols value is 0 this combination successfully passes the check 'if !improtocols && !tmprotocols' in the nfcstartpoll. But then after...

CVE-2024-46676 nfc: pn533: Add poll mod list filling check

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of improtocols value is 1 and tmprotocols value is 0 this combination successfully passes the check 'if !improtocols && !tmprotocols' in the nfcstartpoll. But then after...

CVE-2023-50992

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function...

CVE-2023-29802

TOTOLINK X18 V9.1.0cu.2024B20220329 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function...

TOTOLINK A7000R 操作系统命令注入漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue in the ip parameter of the setDiagnosisCfg method...

TOTOLINK A7000R 缓冲区错误漏洞

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a stack overflow in the ip parameter of the setDiagnosisCfg method...

PT-2022-23403 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version 9.3.5u.6139 B20201216 Description: A command injection issue was found via the ip parameter in the setDiagnosisCfg function, allowing potential exploitation. Recommendations: For TOTOLINK N350RT version 9.3.5u.6139...