CVE-2025-7084

A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The manipulation of the argument pinCode leads to stack-based buffer overflow. The attack can be...

CVE-2025-7084

Belkin F9K1122 (1.00.33) is affected by a stack-based overflow in the web component function formWpsStart (/goform/formWpsStart) caused by manipulating the pinCode argument. The vulnerability can be exploited remotely; public exploit details exist per CVE records. Multiple sources confirm the iss...

PT-2025-29191 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: A critical vulnerability exists in Tenda O3V2. The setAutoReboot function within the /goform/setNetworkService file of the httpd component is affected. Manipulation of the week argument causes a...

PT-2025-29192 · Tenda · Tenda O3V2

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.123880 Description: A critical vulnerability exists in the Tenda O3V2 device. The vulnerability is located within the formWifiMacFilterSet function of the httpd component, specifically in the file...

CVE-2025-6072

Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.Thi...

PT-2025-27816 · Abb · Abb Rmc-100 Lite +1

Name of the Vulnerable Software and Affected Versions: ABB RMC-100 versions 2105457-043 through 2105457-045 ABB RMC-100 LITE versions 2106229-015 through 2106229-016 Description: The issue is a Stack-based Buffer Overflow vulnerability. When the REST interface is enabled and an attacker gains...

CVE-2025-6886

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be...

PT-2025-28805 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.10 Description: A critical vulnerability exists in the D-Link DIR-825 router. This issue affects the sub 410DDC function within the switch language.cgi file of the httpd component. Manipulation of the Language paramet...

PT-2025-27358

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A stack-based buffer overflow issue has been found, affecting the function H5G node cmp3 in the file src/H5Gnode.c. This issue can be exploited locally. Recommendations: For HDF5 version 1.14.6, consider...

Security Bulletin: Due to use of Corosync, IBM MQ is vulnerable to a stack-based buffer overflow

Summary Corosync is used by IBM MQ as part of the RDQM component CVE-2025-30472 Vulnerability Details CVEID:CVE-2025-30472 DESCRIPTION: Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in...

CVE-2025-5829

Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers...

CVE-2025-6616

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWANWizard51 of the file /goform/formSetWANWizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-6617

A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as critical. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit...

CVE-2025-6614

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANTypeWizard5 of the file /goform/formSetWANTypeWizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be...

CVE-2025-6615

A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWANwizard4 of the file /goform/formAutoDetecWANwizard4. The manipulation of the argument curTime leads to stack-based buffer overflow. It is possible to initiate the...

CVE-2025-6752

A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file /upnp/control/Layer3Forwarding of the component IGD. The manipulation of the argument...

CVE-2025-6752

The CVE-2025-6752 vulnerability affects Linksys WRT1900ACS, EA7200, EA7450, and EA7500 devices (IGD Layer3Forwarding, SetDefaultConnectionService). The issue is triggered by manipulating the NewDefaultConnectionService parameter in /upnp/control/Layer3Forwarding, causing a stack-based buffer over...

CVE-2025-6565

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This affects the function httpd of the component HTTP POST Request Handler. The manipulation of the argument Host leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-5827 Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authenticati...

CVE-2025-6616

A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWANWizard51 of the file /goform/formSetWANWizard51. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be initiated...