PT-2026-36120

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...

PT-2026-36105

Name of the Vulnerable Software and Affected Versions U-SPEED N300 router version 1.0.0 Description The device fails to implement rate limiting or account lockout protections on the '/api/login' endpoint. This allows an attacker on the local network to perform unlimited authentication attempts,...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

EUVD-2025-209041

A Cross-Site Request Forgery CSRF vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to...

CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

EUVD-2011-1332

Malware in sbrugna...

EUVD-2023-27413

Malicious code in bioql PyPI...

PT-2024-24469 · H3C · H3C Er8300G2-X

Name of the Vulnerable Software and Affected Versions: H3C ER8300G2-X affected versions not specified Description: The issue concerns incorrect access control, allowing the password for the router's management system to be accessed via the management system page login interface. Recommendations: ...

CVE-2024-3688 Xiamen Four-Faith RMP Router Management Platform sql injection

A vulnerability was found in Xiamen Four-Faith RMP Router Management Platform 5.2.2. It has been declared as critical. This vulnerability affects unknown code of the file /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState=. The manipulation of the argument groupId leads to sql...

CVE-2024-3688

CVE-2024-3688 affects Xiamen Four-Faith RMP Router Management Platform 5.2.2. The vulnerability is a SQL injection in /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= where manipulating the groupId parameter enables remote exploitation. Multiple connected sources corroborate...

Xiamen Four-Faith RMP Router Management Platform SQL注入漏洞

Xiamen Four-Faith RMP Router Management Platform is an online chat system from Xiamen Four-Faith, China. A SQL injection vulnerability exists in Xiamen Four-Faith RMP Router Management Platform version 5.2.2, which stems from an incorrect operation of the parameter groupId that can lead to sql...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W allows a perpetrator to execute arbitrary commands or cause service failures.

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business RV110W, RV130, RV130W, and RV215W arises from the copying of buffers without checking the size of the input data during the processing of user fields in incoming HTTP packets. Exploiting...

TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1503 TCL LinkHub Mesh Wifi confctlgetguestwlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27633 SUMMARY An information disclosure vulnerability exists in the confctlgetguestwlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014...

NETGEAR DGND3700 Authentication Bypass Vulnerability (Dec 2020)

NETGEAR DGN3700 devices are prone to an authentication bypass vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Logic Flaw Vulnerability in RMP Router Management Platform of Xiamen Sihsin Communication Technology Co.

Xiamen Sihsin Communication Technology Co., Ltd. is a backbone enterprise in the field of wireless communication of Internet of Things in China, and is a high-tech enterprise with products, services and management activities covered by a strong color of "integrity, trust, confidence and faith"...

Weak Password Vulnerability in RMP Router Management Platform of Xiamen Sihsin Communication Technology Co.

Xiamen Sihsin Communication Technology Co., Ltd. focuses on the research and development, production, promotion and service of high-end wireless communication transmission equipment in the industrial field, and is a backbone enterprise in the field of wireless communication of the Internet of...

Weak Password Vulnerability in ZTE ONU EB01 v2 Router Management Page

ZTE Corporation is a leading global provider of integrated communications solutions. A weak password vulnerability exists in the management page of the ZTE ONU EB01 v2 router, which can be exploited by attackers to obtain sensitive information...

The vulnerability in the web interface for managing microprogrammed software routers of Cisco Small Business models RV016, RV042, RV042G, RV082, RV320, and RV325 allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the web-based management interfaces for Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 lies in insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

The vulnerability in the web interface for managing microprogrammed wireless router software from Cisco, including models such as Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W, allows attackers to execute cross-site scripting attacks.

The vulnerability of the web interface for managing microprogrammed wireless router software from Cisco, such as Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W, is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attack...

The vulnerability in the web interface for managing microprogrammed wireless router software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the web-based management interfaces for microprogramming software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W is caused by buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure...