8210 matches found
WAVLINK WN579X3 - Remote Command Execution
Remote Command Execution vulnerability in WAVLINK WN579X3 routers via pingIp parameter in /cgi-bin/adm.cgi. id: CVE-2023-3380 info: name: WAVLINK WN579X3 - Remote Command Execution author: pussycat0x severity: critical description: | Remote Command Execution vulnerability in WAVLINK WN579X3 route...
TOTOLINK/Realtek Routers - CAPTCHA Bypass
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via a POST request to the boafrm/formLogin URI with the JSON payload "topicurl":"setting/getSanvas". This allows an unauthenticated attacker to bypass CAPTCHA verification, gaining unauthorized access to restricted...
Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and...
NETGEAR - Authentication Bypass
NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers are vulnerable to authentication bypass vulnerabilities which could allow network-adjacent attackers to bypass authentication on affected installations. id:...
D-Link Routers - Remote Command Injection
D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for...
TOTOLINK Realtek SD Routers - Remote Command Injection
TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0,...
Milesight Routers - Information Disclosure
A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...
D-Link - Remote Command Execution
A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file id: CVE-2021-45382 info: name: D-Link - Remote Command Execution author: king-alexander severity: critic...
EUVD-2026-42721
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...
EUVD-2026-42291
An OS command injection vulnerability exists in the sub34984 function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The lanipv6prefixlen configuration parameter is not properly sanitized, which could allow an authenticated remo...
EUVD-2026-42292
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24700
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24699
An OS command injection vulnerability exists in the sub34984 function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The lanipv6prefixlen configuration parameter is not properly sanitized, which could allow an authenticated remo...
CVE-2026-24698
CVE-2026-24698 concerns an OS command injection in the Cisco RV130/RV130W (firmware 1.0.3.55) and RV110W (firmware 1.2.2.5 / 1.2.2.8) devices. The vulnerability exists in the save_syslog_to_file() function of the Cisco httpd binary, where the model_name configuration parameter is not properly san...
CVE-2026-24700
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24699
CVE-2026-24699 affects Cisco routers: RV130/RV130W (firmware 1.0.3.55) and RV110W (firmware 1.2.2.5/1.2.2.8). The issue is an OS command injection in the sub_34984() function of the rc binary, caused by improper sanitization of the lan_ipv6_prefixlen configuration parameter. This could allow an a...
CVE-2026-24697
An OS command injection vulnerability exists in the startbonjour function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wanhostname configuration parameter is not properly sanitized, which could allow an authenticated remot...
Cisco VPN Routers - Unauthenticated Arbitrary File Upload
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass due to the default configuration of REVERSEPROXYTRUSTEDPROXIES allowing all sources. An attacker can gain unauthorized access by sending spoofed reverse-proxy authentication headers such as X-WEBAUTH-USER...
Replay Attack
Overview Affected versions of this package are vulnerable to Replay Attack in the TOTP authentication process. An attacker can gain unauthorized access by reusing a previously valid one-time password across web two-factor authentication flows and the Basic Auth X-Gitea-OTP path. Remediation Upgra...