PT-2026-30558

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...

CVE-2026-22916

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

ABB Ability Zenon Remote Transport Vulnerability (Update A)

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. The vulnerability enables unauthorized access to the Reboot OS function within the Remote Transport Service, allowing an attacker to trigger a system reboot without the required authentication...

CVE-2022-42087

Tenda AX1803 USAX1803v2.0brv1.0.0.12994CNZGYD014 is vulnerable to Cross Site Request Forgery CSRF via function fromSysToolReboot...

CVE-2024-39782

Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

CVE-2024-57212

TOTOLINK A6000R firmware version V1.0.1-B20201211.2000 contains a command‑injection vulnerability in the opmode parameter of the action_reboot function. Multiple connected sources confirm the flaw, with references describing that an attacker can influence command execution via this parameter. The...

CVE-2024-57212

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the actionreboot function...

CVE-2024-51249

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function...

DrayTek Vigor 3900 安全漏洞

DrayTek Vigor 3900 is a high performance router for enterprise networks from China DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3. An attacker can exploit this vulnerability to inject malicious commands into mainfunction.cgi and execute arbitrary commands by...

PT-2024-34573 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: Draytek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function. This enables remote reboot and potentially other...

CVE-2024-51249

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the reboot function...

CVE-2024-51249

Draytek Vigor3900 firmware 1.5.1.3 fix/mitigation details: Affects mainfunction.cgi where input is not sufficiently validated, enabling attackers to injection execute arbitrary commands via reboot function. Impact: remote command execution with HIGH confidentiality/integrity/availability impact w...

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

CVE-2023-34669

TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...

CVE-2023-22441

Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versio...

CVE-2022-42087

Tenda AX1803 USAX1803v2.0brv1.0.0.12994CNZGYD014 is vulnerable to Cross Site Request Forgery CSRF via function fromSysToolReboot...

CVE-2022-1667

Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC e.g., from the browser console or by loading the corresponding, browser accessible PHP script...

Design/Logic Flaw

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...