
18 matches found

CNNVD
added 4 days ago · 3 views

TRENDnet TEW-432BRP security vulnerability

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability arises from the operation of the formPortFw function in the file /goform/formPortFw, where the parameter servername caus...

CVSS 9 · AI score 7.7 · EPSS 0.00041
Exploits: 0 · References: 4
EUVD
added 2026/05/25 11:30 a.m. · 7 views

EUVD-2026-31670

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

CVSS 10 · AI score 5.6 · EPSS 0.01254
Exploits: 0 · References: 5
Cvelist
added 2026/05/08 12:0 a.m. · 26 views

CVE-2024-30167

/cgi-bin/time.cgi in Atlona AT-OME-MS42 Matrix Switcher 1.1.2 allows remote authenticated users to execute arbitrary commands as root via a POST request that carries a serverName parameter...

EPSS 0.00295
Exploits: 2 · References: 1
CVE
added 2026/02/12 7:2 p.m. · 5 views

CVE-2019-25346

CVE-2019-25346 pertains to TheSystem 1.0, with a SQL injection in the server_name parameter that enables authentication bypass. The vulnerability allows an attacker to inject SQL like ' or '1=1' to retrieve unauthorized database records and potentially access sensitive system information. Multipl...

CVSS 7.5 · AI score 5.9 · EPSS 0.00211
Exploits: 1 · References: 3 · Affected Software: 1
ATTACKERKB
added 2026/02/12 7:2 p.m. · 3 views

CVE-2019-25346

TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'servername' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information...

CVSS 7.1 · AI score 5.9 · EPSS 0.00211
Exploits: 1 · References: 3 · Affected Software: 1
Positive Technologies
added 2026/02/12 12:0 a.m. · 2 views

PT-2026-7882

TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information...

CVSS 7.1 · AI score 5.9 · EPSS 0.00211
Exploits: 1 · References: 3
CNNVD
added 2026/02/12 12:0 a.m. · 2 views

thesystem SQL injection vulnerability

TheSystem is a password management project developed by Kostas Mitroglou. Version 1.0 of TheSystem has a SQL injection vulnerability, which stems from improper handling of the parameter servername, potentially leading to SQL injection attacks...

CVSS 7.5 · AI score 5.8 · EPSS 0.00211
Exploits: 1 · References: 3
OSV
added 2026/01/14 6:16 p.m. · 0 views

CVE-2025-71021

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request...

CVSS 7.5 · AI score 5.9 · EPSS 0.00125
Exploits: 1 · References: 1
RedhatCVE
added 2025/08/24 12:13 a.m. · 3 views

CVE-2025-55606

Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter...

CVSS 9.8 · AI score 7.2 · EPSS 0.00146
Exploits: 1 · References: 1
NVD
added 2025/08/22 4:15 p.m. · 3 views

CVE-2025-55606

Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter...

CVSS 9.8 · EPSS 0.00146
Exploits: 1 · References: 1
Cvelist
added 2025/08/22 12:0 a.m. · 5 views

CVE-2025-55606

Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter...

EPSS 0.00146
Exploits: 1 · References: 1
CVE
added 2025/08/22 12:0 a.m. · 11 views

CVE-2025-55606

The CVE-2025-55606 entry pertains to the Tenda AX3 router (firmware v16.03.12.10_CN). A buffer overflow in the fromAdvSetMacMtuWan function is triggered by the serverName parameter, due to improper validation of input length/size. This can cause a denial-of-service condition. CVSS metrics indicat...

CVSS 9.8 · AI score 6.5 · EPSS 0.00146
Exploits: 1 · References: 1 · Affected Software: 1
OSV
added 2024/08/26 12:15 p.m. · 0 views

CVE-2024-44565

Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function formfastsettinginternetset...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 1
Prion
added 2024/01/17 7:15 a.m. · 8 views

Input validation

This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user-supplied input for the SMTP Server Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

CVSS 4.9 · AI score 6.1 · EPSS 0.00034
Exploits: 0 · References: 1 · Affected Software: 1
OSV
added 2023/04/28 5:15 p.m. · 2 views

CVE-2023-2382

A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. Affected by this issue is some unknown functionality of the file scgi-bin/platform.cgi?page=firewalllogsemail.htm of the component Web Management Interface. The manipulation of the argument...

CVSS 4.8 · AI score 3.7 · EPSS 0.00369
Exploits: 1 · References: 3
Positive Technologies
added 2023/04/13 12:0 a.m. · 2 views

PT-2023-2609 · NetGear · Netgear Srx5308

Name of the Vulnerable Software and Affected Versions: Netgear SRX5308 versions up to 4.3.5-3 Description: A vulnerability exists in the Web Management Interface of the Netgear SRX5308, allowing for cross-site scripting attacks. This issue is caused by the lack of protection for the web page...

CVSS 4.8 · AI score 4.1 · EPSS 0.00369
Exploits: 1 · References: 6
OSV
added 2022/04/04 4:15 p.m. · 0 views

CVE-2021-43461

Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter...

CVSS 5.4 · AI score 6.1 · EPSS 0.00181
Exploits: 1 · References: 1
OSV
added 2016/06/08 2:59 p.m. · 1 views

CVE-2016-4359

Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...

CVSS 9.8 · AI score 6.4
Exploits: 0 · References: 5