CVE-2019-25428 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via openvpn_users

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpnusers endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with script payloads in the username, remotenets,...

CVE-2026-26736

TOTOLINK A3002RUV3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the staticipv6 parameter in the formIpv6Setup function...

CVE-2019-25380

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vulnerabilities in the dhcp.cgi script. The vulnerability enables attackers to inject JavaScript via posted parameters (e.g., BOOT_SERVER, BOOT_FILE, BOOT_ROOT, START_ADDR, END_ADDR, DNS1, DNS2, NTP1,...

CVE-2022-26999

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

EUVD-2020-20051

Malware in sbrugna...

EUVD-2020-17299

Malware in sbrugna...

EUVD-2025-13259

Malicious code in bioql PyPI...

CVE-2025-8825

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RPsetBasicAuto of the file /goform/RPsetBasicAuto. The manipulation of the argument staticIp/staticNetmask leads to os command injection. It is possible to initiat...

CVE-2025-8825

The CVE-2025-8825 vulnerability affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 (firmware up to 20250801). Root cause: manipulation of staticIp/staticNetmask in the RP_setBasicAuto function (/goform/RP_setBasicAuto) enables OS command injection. Exploitation can be performed remotely, a...

Linksys多款产品 命令注入漏洞

The Linksys RE6250, among others, is a wireless extender from Linksys USA. A command injection vulnerability exists in various Linksys products. The vulnerability stems from improper manipulation of the staticIp and staticNetmask parameters by the RPsetBasicAuto function, which may result in os...

CVE-2025-8819

A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

CVE-2025-4996

A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit...

CVE-2020-24580

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user...

CVE-2025-4996 Intelbras RF 301K Add Static IP cross site scripting

A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit...

CVE-2025-4996 Intelbras RF 301K Add Static IP cross site scripting

A vulnerability, which was classified as problematic, has been found in Intelbras RF 301K 1.1.5. This issue affects some unknown processing of the component Add Static IP. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit...

Intelbras RF 301K 代码注入漏洞

The Intelbras RF 301K is a wireless router from Intelbras Brazil. A code injection vulnerability exists in the Intelbras RF 301K version 1.1.5, which stems from the Add Static IP component mishandling the parameter Description, which could lead to a cross-site scripting attack...

PT-2025-22286 · Intelbras · Intelbras Rf 301K

Name of the Vulnerable Software and Affected Versions: Intelbras RF 301K version 1.1.5 Description: A problematic issue has been found in the component Add Static IP, where the manipulation of the Description argument leads to cross-site scripting. This issue can be exploited remotely...

CVE-2025-46635

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...

CVE-2025-46635

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...

CVE-2025-46635

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker who is authenticated to the guest Wi-Fi to access resources on the router and/or resources and devices on other...