
65 matches found

Positive Technologies | added 2026/06/09 12:0 a.m. | 12 views

PT-2026-48163

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

AI score: 5.5 | EPSS: 0.00209
Exploits: 0 | References: 1

Positive Technologies | added 2026/06/04 12:0 a.m. | 11 views

PT-2026-46293

Name of the Vulnerable Software and Affected Versions: Neterbit NW-431F Router versions prior to 20241014-IR03. Description: The SMS module contains a stored Cross-Site Scripting (XSS) issue, where the application fails to properly sanitize user input within SMS messages before they are stored and...

CVSS: 7.1 | AI score: 5.5 | EPSS: 0.00196
Exploits: 0 | References: 5

Positive Technologies | added 2026/06/03 12:0 a.m. | 11 views

PT-2026-45997

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authenticati...

AI score: 5.8 | EPSS: 0.00166
Exploits: 0 | References: 2

Vulnrichment | added 2026/06/03 12:0 a.m. | 9 views

CVE-2026-36609

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...

AI score: 5.8 | EPSS: 0.00166
Exploits: 0 | References: 1

RedhatCVE | added 2026/05/14 7:58 p.m. | 12 views

CVE-2026-36738

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...

CVSS: 6.8 | AI score: 5.8 | EPSS: 0.00202
Exploits: 0 | References: 1

CVE | added 2026/05/13 12:0 a.m. | 13 views

CVE-2026-36738

CVE-2026-36738 affects the U-SPEED AC1200 Gigabit Wi‑Fi Router (Model: T18-21K, V1.0). The UART interface is exposed with no authentication/authorization, allowing a physically present attacker to access device functionality unrestrictedly. Documents do not specify affected firmware versions, exp...

CVSS: 6.8 | AI score: 5.8 | EPSS: 0.00202
Exploits: 0 | References: 2

Cvelist | added 2026/05/13 12:0 a.m. | 31 views

CVE-2026-36741

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

EPSS: 0.0109
Exploits: 0 | References: 2

ATTACKERKB | added 2026/03/16 1:28 a.m. | 2 views

CVE-2017-20223

Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrie...

AI score: 5.8 | EPSS: 0.00524
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist | added 2026/03/05 12:0 a.m. | 27 views

CVE-2025-29165

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component...

EPSS: 0.00633
Exploits: 0 | References: 4

Positive Technologies | added 2026/02/17 12:0 a.m. | 7 views

PT-2026-20357

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002RU version 2.1.1-B20211108.1455. Description: A stack-based buffer overflow exists due to the routernamer parameter within the formDnsv6 function. The issue is present in TOTOLINK A3002RU version 2.1.1-B20211108.1455. The vulnerabl...

CVSS: 8.8 | AI score: 6.2 | EPSS: 0.0048
Exploits: 1 | References: 10

CNVD | added 2025/12/18 12:0 a.m. | 6 views

UTT aggressive 512W buffer overflow vulnerability (CNVD-2026-0079510)

The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses (SOHO) and similarly sized network environments for access scenarios of 30 to 50 users. UTT Progressive 512W has a buffer overflow vulnerability; the vulnerability stems fro...

CVSS: 10 | AI score: 8.2 | EPSS: 0.04937
Exploits: 1 | References: 1

CNNVD | added 2025/12/11 12:0 a.m. | 4 views

Ruijie RG-EW1200G PRO security vulnerability

The Ruijie RG-EW1200G PRO is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1200G PRO that stems from improper handling of a specially crafted POST request for moduleget in the file /usr/local/lua/devsta/networkConnect.lua, which could lead to the executio...

CVSS: 8.8 | AI score: 6.9 | EPSS: 0.02308
Exploits: 1 | References: 3

Cvelist | added 2025/12/11 12:0 a.m. | 23 views

CVE-2025-56091

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

EPSS: 0.02627
Exploits: 1 | References: 3

CVE | added 2025/12/09 1:32 a.m. | 13 views

CVE-2025-14286

The CVE-2025-14286 entry concerns Tenda AC9 devices with version 15.03.05.14_multi. The vulnerability targets the file /cgi-bin/DownloadCfg.jpg in the Configuration File Handler, where an unknown functionality can be manipulated to disclose information. The issue can be exploited remotely, and pu...

CVSS: 7.5 | AI score: 5.3 | EPSS: 0.00568
Exploits: 1 | References: 5 | Affected Software: 1

CNNVD | added 2025/12/07 12:0 a.m. | 4 views

UTT 512W security vulnerability

The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses (SOHO) and similarly sized network environments for access scenarios of 30 to 50 users. The UTT Progressive 512W suffers from a buffer overflow vulnerability, which originat...

CVSS: 9.8 | AI score: 9 | EPSS: 0.00694
Exploits: 1 | References: 6

Cvelist | added 2025/12/05 5:2 p.m. | 24 views

CVE-2025-14094 Edimax BR-6478AC V3 formSysCmd sub_44CCE4 os command injection

A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub_44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes OS command injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendo...

CVSS: 5.8 | EPSS: 0.17904
Exploits: 1 | References: 4

CVE | added 2025/12/04 12:0 a.m. | 19 views

CVE-2025-29269

Summary: CVE-2025-29269 affects ALLNET ALL-RUT22GW v3.3.8 and is an OS command injection via the parameter named “command” in the popen.cgi endpoint. The vulnerability’s root cause is improper handling of the command parameter, enabling arbitrary command execution. Several sources corroborate the...

CVSS: 9.8 | AI score: 7.7 | EPSS: 0.02292
Exploits: 1 | References: 3 | Affected Software: 1

CNNVD | added 2025/12/01 12:0 a.m. | 3 views

ADSLR NBR1005GPEV2 command injection vulnerability

The ADSLR NBR1005GPEV2 is a wireless router from China's Flying Fish Star ADSLR. A command injection vulnerability exists in the ADSLR NBR1005GPEV2 version 250814-r037c, which stems from the incorrect operation of the parameter mac in the file /sendorder.cgi, which could lead to command injection...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.0827
Exploits: 1 | References: 4

Cvelist | added 2025/11/13 12:0 a.m. | 6 views

CVE-2025-60682

A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the cloudupdatecheck binary, specifically in the sub402414 function that handles cloud update parameters. User-supplied 'magicid' and 'url' values are directly concatenated into shell...

EPSS: 0.01577
Exploits: 1 | References: 3

NVD | added 2025/10/24 4:17 p.m. | 3 views

CVE-2025-60548

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formLanSetupRouterSettings...

CVSS: 9.8 | EPSS: 0.00376
Exploits: 0 | References: 1