CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

CVE-2026-0408

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI...

PT-2026-2631

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI...

PT-2023-5871 · D Link · D-Link Dsl-3782

Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 versions 1.03 and earlier Description: The issue allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page. This is related to the lack of protection...

PT-2020-19494

Name of the Vulnerable Software and Affected Versions Comtech Stampede FX-1010 version 7.4.3 Description The issue allows remote authenticated administrators to achieve remote code execution by navigating to the "Poll Routes" page and entering shell metacharacters in the Router IP Address field. ...