Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121456 matches found

EUVD
EUVDadded 2026/05/04 1:45 a.m.6 views

EUVD-2026-26873

A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/05/04 1:45 a.m.6 views

CVE-2026-7720

A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2026/05/04 1:45 a.m.28 views

CVE-2026-7720

CVE-2026-7720 – Totolink WA300 : The weakness affects the POST Request Handler in /cgi-bin/cstecgi.cgi, specifically the setLanguageCfg function, where manipulating the langType argument leads to a command injection. Remote exploitation is possible and a public exploit exists. Connected sources c...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/05/04 1:30 a.m.3 views

CVE-2026-7719

A security flaw has been discovered in Totolink WA300 5.2cu.7112B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument httphost results in buffer overflow. The attack may be launched...

10CVSS7.8AI score0.00619EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/05/04 1:30 a.m.17 views

CVE-2026-7719

The CVE-2026-7719 entry describes a buffer overflow in Totolink WA300’s /cgi-bin/cstecgi.cgi loginauth handler (affected component: POST Request Handler). Specifically, manipulation of the http_host argument can overflow a buffer, enabling a remote attack. Public exploit details are indicated (ex...

10CVSS7.8AI score0.00619EPSS
Exploits0References5
NVD
NVDadded 2026/05/04 1:16 a.m.18 views

CVE-2026-42368

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

9.9CVSS0.00348EPSS
Exploits0References3
NVD
NVDadded 2026/05/04 1:16 a.m.8 views

CVE-2026-7372

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...

9CVSS0.00463EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/04 1:15 a.m.43 views

CVE-2026-7718 Totolink WA300 POST Request cstecgi.cgi setWebWlanIdx command injection

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS0.00916EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/04 1:15 a.m.17 views

EUVD-2026-26869

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS6.5AI score0.00916EPSS
Exploits0References5
CVE
CVEadded 2026/05/04 1:15 a.m.17 views

CVE-2026-7718

Totolink WA300 is affected by CVE-2026-7718 due to a vulnerability in the POST Request Handler’s function setWebWlanIdx (file /cgi-bin/cstecgi.cgi). The issue arises from manipulating the webWlanIdx parameter, enabling command injection. Impact is described with low to moderate confidentiality, i...

6.5CVSS6.5AI score0.00916EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/04 1:0 a.m.4 views

CVE-2026-7717

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched...

9CVSS7.8AI score0.00472EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/05/04 1:0 a.m.32 views

CVE-2026-7717 Totolink WA300 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched...

9CVSS0.00472EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/04 1:0 a.m.5 views

EUVD-2026-26868

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched...

9CVSS7.8AI score0.00472EPSS
Exploits0References5
CVE
CVEadded 2026/05/04 1:0 a.m.15 views

CVE-2026-7717

Totolink WA300 5.2cu.7112_B20190227 is affected by CVE-2026-7717. The vulnerability is in the POST Request Handler’s UploadCustomModule function (file path: /cgi-bin/cstecgi.cgi). Manipulating the File argument can trigger a buffer overflow, and the issue can be exploited remotely. Exploitation i...

9CVSS7.8AI score0.00472EPSS
Exploits0References5
CVE
CVEadded 2026/05/04 12:48 a.m.12 views

CVE-2026-42370

GeoVision GV-VMS V20 WebCam Server Login vulnerability (CVE-2026-42370) affects GV-VMS V20 20.0.2. A stack overflow is triggered by a specially crafted HTTP request, leading to arbitrary code execution. Exploitation is described as unauthenticated over the network. The CVSS 3.1 base metrics indic...

9.8CVSS6.2AI score0.00534EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/04 12:48 a.m.2 views

CVE-2026-42370

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS6.2AI score0.00534EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/04 12:48 a.m.4 views

CVE-2026-42370 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS6.2AI score0.00534EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/04 12:48 a.m.32 views

CVE-2026-42370 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS0.00534EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/04 12:48 a.m.9 views

EUVD-2026-26861

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS6.2AI score0.00534EPSS
Exploits0References2
CVE
CVEadded 2026/05/04 12:47 a.m.15 views

CVE-2026-7372

CVE-2026-7372 affects GeoVision GV-VMS V20 20.0.2, specifically the WebCam Server Login functionality. A stack overflow is triggered by an unconstrained sscanf when parsing the Authorization string, where username or password extracted content may exceed 40 characters, overwriting the stack. The ...

9CVSS6.5AI score0.00463EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder