PT-2026-46294

Name of the Vulnerable Software and Affected Versions Neterbit NW-431F Router version NW-431F-20241014-IR03 Description A flaw in the 'at command.asp' interface allows a remote attacker to obtain sensitive information and execute arbitrary code. This issue can be triggered by sending a crafted...

CVE-2026-5511

In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...

CVE-2026-34473

Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered against the router's web interface by sending an oversized application/x-www-form-urlencoded POST...

CVE-2020-37096

Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering configuration interface. Attackers can craft malicious web pages to trick users into adding unauthorized MAC addresses to the device's filtering rules without their consent...

EUVD-2026-2707

A Stored Cross-Site Scripting XSS vulnerability in Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to execute arbitrary scripts via a crafted payload due to unsanitized repeater AP SSID value when is displayed in any page at...

CVE-2026-0405

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin...

CVE-2026-0408

NETGEAR WiFi range extenders are affected by CVE-2026-0408 due to a path traversal vulnerability that allows an attacker with LAN authentication to access the router’s IP and read the dynamically generated webproc file, which contains the username and password submitted to the router GUI. Affecte...

PT-2026-2628

Name of the Vulnerable Software and Affected Versions NETGEAR Orbi affected versions not specified Description A flaw exists that allows users on the local network to gain administrative access to the router web interface without proper authentication. This bypass enables unauthorized access to...

EUVD-2025-34739

Apache Traffic Control has an Inefficient Regular Expression Complexity vulnerability...

UBUNTU-CVE-2023-53365

In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skbunderpanic in ip6mrcachereport skbuff: skbunderpanic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg ------------ cut here ------------ kernel BUG at...

Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc1238982...

CVE-2025-45861

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the routername parameter in the formDnsv6 interface...

The vulnerability of the application software interface for FutureNet NXR routers allows a perpetrator to gain unauthorized access to vulnerable routers.

The vulnerability of the application software interface for FutureNet NXR routers lies in errors in representing certain functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the vulnerable router...

The vulnerability of the web interface of DrayTek Vigor microprogramming software allows attackers to carry out cross-site scripting attacks.

The vulnerability of the web interface of DrayTek Vigor microprogramming software routers exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the application software interface of D-Link DIR-2150 router software allows a hacker to execute arbitrary code.

The vulnerability of the application software interface of D-Link DIR-2150 routers exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the web-based management interfaces for Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

CVE-2020-14101

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26...

CVE-2021-1155

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. The vulnerabilities are due to insufficient...

CVE-2020-3145

Multiple vulnerabilities in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary code on an affected device...