kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

CVE-2025-12259

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

CVE-2025-12258

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...

CVE-2025-12260

CVE-2025-12260 concerns TOTOLINK A3300R (firmware 17.0.0cu.557_B20221024). The vulnerability lies in the function setSyslogCfg within the file /cgi-bin/cstecgi.cgi, in the POST Parameter Handler, where manipulation of the enable argument leads to a stack-based buffer overflow. The issue is exploi...

CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

CVE-2025-12259 TOTOLINK A3300R POST Parameter cstecgi.cgi setScheduleCfg stack-based overflow

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate th...

CVE-2025-12258 TOTOLINK A3300R POST Parameter cstecgi.cg setOpModeCfg stack-based overflow

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from...

CVE-2025-12240

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-12241

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-12239

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

CVE-2025-12235

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be...

CVE-2025-12241 TOTOLINK A3300R POST Parameter cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-12241 TOTOLINK A3300R POST Parameter cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

CVE-2025-12240 TOTOLINK A3300R cstecgi.cgi setDmzCfg buffer overflow

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed...

CVE-2025-12239

TL;DR: CVE-2025-12239 affects TOTOLINK A3300R. The vulnerability lies in the setDdnsCfg function in /cgi-bin/cstecgi.cgi, where improper input length validation can cause a buffer overflow. Reported by multiple sources, it can be exploited remotely and may lead to arbitrary code execution or deni...

EUVD-2025-36074

A security flaw has been discovered in Tenda O3 1.0.0.102478. Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-12235 Tenda CH22 SetIpBind fromSetIpBind buffer overflow

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be...

CVE-2025-12225

A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be launched remotely. The...

CVE-2025-12225

A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be launched remotely. The...

CVE-2025-12225 Tenda AC6 HTTP Request WifiGuestSet stack-based overflow

A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be launched remotely. The...