CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/24 12:0 a.m.•9 views

PT-2026-42918

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.28a Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists in the formwlencrypt24g function within the '/goform/formwlencrypt24g' endpoint when manipulating...

9CVSS7.5AI score0.00589EPSS

Positive Technologies•added 2026/05/24 12:0 a.m.•9 views

PT-2026-42938

A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection. It is...

6.5CVSS6.4AI score0.0135EPSS

9CVSS7.7AI score0.00589EPSS

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a security vulnerability. This vulnerability stems from improper handling of the parameter “key1” by the formwlencrypt24g function in the component POST Request Handler...

6.5CVSS6.7AI score0.01364EPSS

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...

6.5CVSS6.6AI score0.01364EPSS

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Version 1.12 of the Edimax EW-7438RPn contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter submit-url in the formAccept function of the component POST...

CNNVD•added 2026/05/24 12:0 a.m.•5 views

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Version 1.12 of the Edimax EW-7438RPn contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter “method” in the function formEZCHNwlanSetup of the component...

6.5CVSS6.6AI score0.01364EPSS

CNNVD•added 2026/05/24 12:0 a.m.•5 views

Edimax BR-6675nD 命令注入漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter “pinCode” in the POST Request Handler component...

6.5CVSS6.7AI score0.01364EPSS

9CVSS7.5AI score0.00589EPSS

Edimax BR-6675nD 安全漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a security vulnerability. This vulnerability stems from improper handling of parameters during the formWlSiteSurvey function in the POST Request Handler...

Positive Technologies•added 2026/05/24 12:0 a.m.•9 views

PT-2026-42919

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.12 Description A command injection flaw exists in the POST Request Handler component. A remote attacker can trigger this issue by manipulating the submit-url argument within the formAccept function of the...

6.5CVSS6.7AI score0.01364EPSS

Exploits0References8

NVD•added 2026/05/23 7:16 p.m.•8 views

CVE-2018-25354

Joomla Component jomres 9.11.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information by tricking authenticated users into visiting malicious pages. Attackers can craft HTML forms targeting the account/index endpoint with hidden fields to chan...

5.3CVSS0.00163EPSS

CVE•added 2026/05/23 6:30 p.m.•29 views

CVE-2018-25358

The CVE-2018-25358 entry concerns the D-Link DIR-601 (firmware 2.02NA) where an unauthenticated attacker can disclose credentials via /my_cgi.cgi by manipulating the table_name parameter in POST requests. Affected data includes administrative credentials and wireless keys, exposed in cleartext. T...

8.7CVSS5.8AI score0.00697EPSS

Cvelist•added 2026/05/23 6:30 p.m.•13 views

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

8.7CVSS0.00697EPSS

ATTACKERKB•added 2026/05/23 6:30 p.m.•11 views

CVE-2018-25358

8.7CVSS5.8AI score0.00697EPSS

Vulnrichment•added 2026/05/23 6:30 p.m.•5 views

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

8.7CVSS5.8AI score0.00697EPSS

Vulnrichment•added 2026/05/23 6:30 p.m.•6 views

CVE-2018-25354 Joomla Component jomres 9.11.2 Cross-Site Request Forgery

5.3CVSS5.7AI score0.00163EPSS

EUVD•added 2026/05/23 6:30 p.m.•8 views

EUVD-2018-21874

userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by sending POST requests to the existingUsernameCheck.php endpoint. Attackers can submit usernames and analyze response text for the 'taken' string to identify existing...

9.8CVSS5.8AI score0.00539EPSS

Snyk•added 2026/05/23 1:44 p.m.•9 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the PathSwitchRequest process. An attacker can cause memory corruption by sending specially crafted requests remotely to the affected component. Remediation Upgrade github.com/omec-project/amf/util to version 2.2.0 or...

6.5CVSS6.6AI score0.00296EPSS

Snyk•added 2026/05/23 1:44 p.m.•7 views

Buffer Overflow

6.5CVSS6.6AI score0.00296EPSS

Snyk•added 2026/05/23 1:44 p.m.•9 views

Buffer Overflow

6.5CVSS6.6AI score0.00296EPSS