CVE-2025-3989

A vulnerability classified as critical was found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this vulnerability is an unknown functionality of the file /boafrm/formStaticDHCP. The manipulation of the argument Hostname leads to buffer overflow. The attack can be launched remotely. The exploit...

CVE-2025-3725

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to...

CVE-2025-3681

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public...

CVE-2025-3679

A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and...

EulerOS 2.0 SP11 : binutils (EulerOS-SA-2025-1347)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the fil...

CVE-2025-3328

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely...

PT-2025-15275 · Unknown · Pcman Ftp Server

Name of the Vulnerable Software and Affected Versions: PCMan FTP Server version 2.0.7 Description: A critical vulnerability has been found in the EPRT Command Handler component of PCMan FTP Server. The manipulation leads to a buffer overflow, which can be launched remotely. The exploit has been...

CVE-2025-1898

A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The...

CVE-2025-1896

A vulnerability classified as critical was found in Tenda TX3 16.03.13.11multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2025-1852

A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The...

CVE-2024-7183

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The...

CVE-2024-7831

UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classifi...

CVE-2024-7331

A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557B20221024 and classified as critical. Affected by this issue is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack may be launched remotely. The explo...

CVE-2024-6962

A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2024-6189

A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to launch the attack remotel...

CVE-2024-11048

A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrvasp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVE-2024-0535

A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. T...

CVE-2024-0539

A vulnerability was found in Tenda W9 1.0.0.74456 and classified as critical. This issue affects the function formQosManageuser of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

Ivanti Buffer Overflow Proof of Concept Exploit

Proof of concept exploit for CVE-2025-0282, a remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways. PoC for CVE-2025-0282, a remote unauthenticated stack based buffer overflow affecting Ivanti Connect Secure,...

The vulnerability of the formSetDeviceName() function (/goform/SetOnlineDevName) in the Tenda AC6 router’s microprogramming software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the formSetDeviceName function /goform/SetOnlineDevName of the Tenda AC6 router’s microprogramming software is related to the issue where the operation exits the buffer boundaries in memory when processing the mac and devName parameters. Exploiting this vulnerability could...