CVE-2026-10126

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has...

CVE-2026-9442

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

CVE-2026-9345

A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...

CVE-2026-9442

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

EUVD-2026-31549

A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function EditBasicSSID5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The...

CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9345

The CVE concerns Edimax EW-7438RPn (firmware up to 1.31) in the webs component, specifically the formWizSurvey function located in /goform/formWizSurvey. The vulnerability arises from a buffer overflow triggered by manipulating arguments such as ssid, manualssid, ip, mask, or gateway. This is des...

CVE-2026-9345 Edimax EW-7438RPn webs formWizSurvey buffer overflow

A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: prevented -Ssid overflow in rtwwxsetscan This code includes a check to prevent read overflow, but another check is needed to prevent writing beyond the end of the -Ssid array...

CVE-2026-8777

A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrvssid results in command injection. The attack can be initiated remotely. T...

CVE-2026-8777 Edimax BR-6428NS POST Request formStaDrvSetup command injection

A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrvssid results in command injection. The attack can be initiated remotely. T...

PT-2026-41595

A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv ssid results in command injection. The attack can be initiated remotely...

CVE-2026-23819 Error in SSID Processing allows Stored XSS in Web Management Interface

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

CVE-2026-23819

CVE-2026-23819 affects Access Points running AOS-10 and AOS-8 Instant, targeting the web-based management interface. The vulnerability arises from SSID processing in the web UI, enabling an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim’s browser within the...

CVE-2026-8263

The CVE affects Tenda AC6 (firmware 15.03.06.49_multi_TDE01) where the fromSetWirelessRepeat function in /goform/WifiExtraSet within the httpd component is vulnerable. Manipulating the mac/ssid arguments enables an OS command injection, allowing remote exploitation. Public exploits have been rele...

CVE-2026-8263

A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...

CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection

A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.49multiTDE01 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function fromSetWirelessRepeat in the goform/WifiExtraSet module of the httpd component, which processes...

SUSE CVE-2026-31780

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID contributes up to 33 bytes IEEE80211MAXSSIDLEN + 1, an...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mwifiex: Fixed a warning regarding memcpy operations that span fields in mwifiexconfigscan Replace a one-element array with a flexible-array member in the struct mwifiexietypeswildcardssidparams to fix the following warning...