EUVD-2025-201548

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2RepeatergetwiredclientlistsetClientsName of the file modform.so. The manipulation of the argume...

CVE-2025-14136 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2RepeatergetwiredclientlistsetClientsName of the file modform.so. The manipulation of the argume...

CVE-2025-14136 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2RepeatergetwiredclientlistsetClientsName of the file modform.so. The manipulation of the argume...

CVE-2025-14134

A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2RepeatergetwirelessclientlistsetClientsName of the file modform.so. Executing manipulation of the...

CVE-2025-14134

CVE-2025-14134 affects Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 (firmware series 1.0.013.001 to 1.2.07.001). The vulnerability is a stack-based overflow in the RE2000v2Repeater_get_wireless_clientlist_setClientsName function in mod_form.so triggered by manipulating the clientsname_0 argu...

CVE-2025-14134 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2RepeatergetwirelessclientlistsetClientsName of the file modform.so. Executing manipulation of the...

PT-2025-49361

Name of the Vulnerable Software and Affected Versions Linksys RE6500 versions 1.0.013.001 through 1.2.07.001 Linksys RE6250 versions 1.0.013.001 through 1.2.07.001 Linksys RE6300 versions 1.0.013.001 through 1.2.07.001 Linksys RE6350 versions 1.0.013.001 through 1.2.07.001 Linksys RE7000 versions...

MAL-2025-5225 Malicious code in feature-repeaters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 249612b727817f789e9e197fbfadefd3794ff07913ea34260a3ae17c9e2f1739 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in feature-repeaters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 249612b727817f789e9e197fbfadefd3794ff07913ea34260a3ae17c9e2f1739 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-44072

OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS command may be executed...

CVE-2024-44072

CVE-2024-44072 affects BUFFALO Wireless LAN routers and wireless LAN repeaters. An authenticated user can trigger an OS command injection (CWE-78) by sending a crafted request from the product’s management page, potentially executing arbitrary commands on the device. Affected products/versions (p...

CVE-2024-44072

OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN repeaters. If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS command may be executed...

PT-2024-30936 · Buffalo · Buffalo Wireless Lan Repeaters +1

Name of the Vulnerable Software and Affected Versions: BUFFALO wireless LAN routers and wireless LAN repeaters affected versions not specified Description: An OS command injection issue exists, allowing an arbitrary OS command to be executed if a specially crafted request is sent to the product's...

BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection

Overview Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Yoshiki Mori and Masaki Kubo of National Institute of Information and Communications Technology, Cybersecurity Research Laboratory reported this vulnerability to...

JVN#12824024: BUFFALO wireless LAN routers and wireless LAN repeaters vulnerable to OS command injection

Wireless LAN routers and wireless LAN repeaters provided by BUFFALO INC. contain an OS command injection vulnerability CWE-78. Impact If a user logs in to the management page and sends a specially crafted request to the affected product from the product's specific management page, an arbitrary OS...

CVE-2024-41936

A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication...

CVE-2024-37023

Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpoint parameters...

CVE-2024-37023

CVE-2024-37023 affects Vonets Industrial WiFi Bridge Relays/Repeaters (e.g., VAR1200-H/L, VAR600-H, VAP11AC/11G/11S variants, VBG1200, VGA-1000, etc.) with software version 3.3.23.6.9 and prior. It is a command-injection vulnerability that enables an authenticated remote attacker to execute arbit...

CVE-2024-41161

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be...

Canada revisits decision to ban Flipper Zero

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesnt...