CVE-2024-22667

Vim before 9.0.2142 has a stack-based buffer overflow because didsetlangmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions...

SonicWall SonicOS Multiple Vulnerabilities (SNWLID-2023-0012)

According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by multiple vulnerabilities with impact to SonicOS Management Web Interface and SSLVPN Portal, but not SonicWall SSLVPN SMA100 and SMA1000 series products. These vulnerabilities...

CVE-2024-22667

Vim before 9.0.2142 has a stack-based buffer overflow because didsetlangmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions...

GLSA-202402-10 : NBD Tools: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-10 NBD Tools: Multiple Vulnerabilities - In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized...

Rockwell Automation LP30/40/50 and BM40 Operator Interface

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : LP30, LP40, LP50, and BM40 Operator Panels Vulnerability : Improper Validation of Consistency within Input, Out-of-bounds Write, Stack-based Buffer Overflow,...

CVE-2024-1003

A vulnerability, which was classified as critical, has been found in Totolink N200RE 9.3.5u.6139B20201216. Affected by this issue is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow. The attack may be launched...

CVE-2024-1004

A vulnerability, which was classified as critical, was found in Totolink N200RE 9.3.5u.6139B20201216. This affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument httphost leads to stack-based buffer overflow. It is possible to initiate the attack remotel...

CVE-2024-1004

The CVE-2024-1004 entry applies to Totolink N200RE firmware version 9.3.5u.6139_B20201216, affecting the loginAuth() function in /cgi-bin/cstecgi.cgi. The root cause is a stack-based buffer overflow triggered by manipulating the http_host argument, enabling remote exploitation. Public exploit det...

CVE-2024-1003

Totolink N200RE is affected by CVE-2024-1003 in the setLanguageCfg function of /cgi-bin/cstecgi.cgi. The lang parameter causes a stack-based buffer overflow, with remote exploitation possible. Affected version: 9.3.5u.6139_B20201216. Public exploit details exist. PT-Security notes this as a criti...

CVE-2024-1001

A vulnerability classified as critical has been found in Totolink N200RE 9.3.5u.6139B20201216. Affected is the function main of the file /cgi-bin/cstecgi.cgi. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

Stack overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been rated as critical. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. The attack may be initiated remotely...

Stack overflow

A vulnerability classified as critical has been found in Totolink N200RE 9.3.5u.6139B20201216. Affected is the function main of the file /cgi-bin/cstecgi.cgi. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2024-1001

CVE-2024-1001 – Totolink N200RE is affected by a stack-based buffer overflow in the main function of /cgi-bin/cstecgi.cgi. A remote attacker can exploit it, with public disclosure of the exploit. Multiple sources summarize the issue for Totolink N200RE 9.3.5u.6139_B20201216, indicating impact to ...

CVE-2024-1000

Totolink N200RE (9.3.5u.6139_B20201216) is affected. The vulnerability is in the /cgi-bin/cstecgi.cgi setTracerouteCfg function, where manipulation of the command argument leads to a stack-based buffer overflow. It can be triggered remotely and exploitation has been disclosed publicly. There is n...

CVE-2024-0997

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be launched remotely...

Stack overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216 and classified as critical. Affected by this issue is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. The attack may be launched remotely...

Stack overflow

A vulnerability was found in Totolink N200RE 9.3.5u.6139B20201216. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2024-0998

Totolink N200RE is affected by a stack-based buffer overflow in setDiagnosisCfg when processing the ip parameter in /cgi-bin/cstecgi.cgi (v9.3.5u.6139_B20201216). This vulnerability can be triggered remotely and may lead to code execution or other impacts as described across sources. No official ...

CVE-2024-0997

Totolink N200RE is affected by CVE-2024-0997. The vulnerability resides in the function setOpModeCfg in /cgi-bin/cstecgi.cgi, where manipulating the pppoeUser parameter can cause a stack-based buffer overflow. The issue can be exploited remotely and has been publicly disclosed. Multiple sources c...

CVE-2024-0996

A vulnerability classified as critical has been found in Tenda i9 1.0.0.94122. This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...