10 matches found
CVE-2026-2120
A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...
EUVD-2026-5826
A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...
CVE-2026-2120 D-Link DIR-823X Configuration Parameter set_server_settings os command injection
A vulnerability was identified in D-Link DIR-823X 250416. This affects an unknown function of the file /goform/setserversettings of the component Configuration Parameter Handler. The manipulation of the argument terminaladdr/serverip/serverport leads to os command injection. The attack may be...
CVE-2023-54260
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...
EUVD-2025-31476
Malicious code in bioql PyPI...
CVE-2025-11120 Tenda AC8 SetServerConfig formSetServerConfig buffer overflow
A weakness has been identified in Tenda AC8 16.03.34.06. The affected element is the function formSetServerConfig of the file /goform/SetServerConfig. Executing manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the publi...
PT-2025-39791
Name of the Vulnerable Software and Affected Versions Tenda AC8 version 16.03.34.06 Description A flaw exists in the formSetServerConfig function located in the /goform/SetServerConfig file. This can lead to a buffer overflow, potentially allowing for remote attacks. A public exploit is available...
CVE-2024-6964
CVE-2024-6964 affects Tenda O3 1.0.0.10, specifically the fromDhcpSetSer function where parameters dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway can be manipulated to trigger a stack-based overflow. This vulnerability is described as exploitable remotely with high impact (code execution/confide...
PT-2022-27129 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.18 Description: The issue is related to a Buffer Overflow that can be triggered via the formSetPPTPServer function. Recommendations: For Tenda AC15 version 15.03.05.18, consider disabling the formSetPPTPServer...
DEBIAN-CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If setservertitle is called with untrusted input, arbitrary...