CVE-2026-25196

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the Wi-Fi SSID and/or password fields can lead to remote code execution when the configuration is...

CVE-2026-25196 Copeland XWEB and XWEB Pro OS Command Injection

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the Wi-Fi SSID and/or password fields can lead to remote code execution when the configuration is...

EUVD-2026-3215

A vulnerability was identified in Totolink LR350 9.3.5u.6369B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and...

CVE-2026-1156 Totolink LR350 cstecgi.cgi setWiFiBasicCfg buffer overflow

A vulnerability was determined in Totolink LR350 9.3.5u.6369B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

TOTOLINK LR350 sub_422880 function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

TOTOLINK LR350 sub_42396C function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

TOTOLINK LR350 安全漏洞

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

CVE-2025-60341

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

EUVD-2025-25152

Malicious code in bioql PyPI...

EUVD-2025-7547

Malicious code in bioql PyPI...

CVE-2025-9245 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 WPSSTAPINEnr stack-based overflow

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function WPSSTAPINEnr of the file /goform/WPSSTAPINEnr. Performing manipulation of the argument ssid results in stack-based...

CVE-2024-31972

EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that could lead to arbitrary JavaScript code execution under the context of the user's session via the Wi-Fi SSID input fields. Web scripts embedded into the vulnerable fields this way are executed immediate...

TOTOLINK NR1800X 安全漏洞

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the ssid parameter in the setWiFiGuestCfg function failing to properly validate the length size of the input...

Tenda AC1206 缓冲区错误漏洞

Shenzhen Jixiang Tengda Technology Co., Ltd AC1206 is a high-performance wireless router designed for 200M and above broadband users. A buffer overflow vulnerability exists in the Shenzhen Jixiang Tengda Technology Company Limited AC1206. The vulnerability stems from the formfastsettingwifiset...

CVE-2025-2213

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2025-2213

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input leads to cross site scripting. The...

CVE-2024-31973

Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...

CVE-2024-31973

Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...

TOTOLINK AC1200 安全漏洞

TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK AC1200 v4.1.5cu.861B20230220 version, which stems from the failure of the ssid5g parameter of the setWizardCfg function to correctly validate the length and...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3700R v9.1.2u.5822B20200513, which stems from the ssid parameter of the setWizardCfg function failing to correctly validate the length and size of the input dat...