CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

CVE-2026-7851

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

CVE-2026-7853 D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-7853

CVE-2026-7853 affects D-Link DI-8100 with firmware 16.07.26A1. The weakness lies in the HTTP Handler’s /auto_reboot.asp, where the function sprintf mishandles the enable/time argument, causing a buffer overflow. This design flaw enables remote exploitation, and public exploit access is indicated ...

CVE-2026-7853

A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /autoreboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2026-7851

CVE-2026-7851 affects D-Link DI-8100 (version 16.07.26A1). The vulnerability is in the function sprintf within the file yyxz.asp, where manipulation of the ID argument causes a stack-based buffer overflow. Attack is described as remotely exploitable, and exploit code is publicly available. The pr...

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24108

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

CVE-2026-24109

CVE-2026-24109 affects the Tenda W20E router firmware (V4.0br_V15.11.0.6). The issue is a buffer overflow caused by unsafely using the value of the variable picName in sprintf without validating its size, which may allow remote attackers to exploit via network access. Documented impacts are high ...

PT-2026-22596

Name of the Vulnerable Software and Affected Versions Tenda W20E version 4.0br V15.11.0.6 Description An issue exists in the Tenda W20E router firmware. Attackers can exploit this issue by controlling the picName variable. The picName value is used in the sprintf function without proper size...

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

EUVD-2026-9181

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

EUVD-2026-9182

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

Tenda FH1201 安全漏洞

Tenda FH1201 is a wireless router from Tenda China. A security vulnerability exists in Tenda FH1201 version 1.2.0.14408, which originates from the sprintf function in file /goform/SetIpBind improperly handles the parameter page, which could result in a stack buffer overflow...

EUVD-2025-200232

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

EUVD-2025-200234

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...

PT-2025-48674

Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists in Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2. The ShowMeterDatabase function copies user-controlled input into a fixed-size buffer using sprintf...