CVE-2026-2958 D-Link DWR-M960 formWsc sub_457C5C stack-based overflow

A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub457C5C of the file /boafrm/formWsc. Such manipulation of the argument saveapply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2188

A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been...

D-Link DWR-M920 sub_42261C Function Stack Buffer Overflow Vulnerability

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a stack buffer overflow vulnerability that stems from incorrect manipulation of the parameter ip6addr in the function sub42261C in the file /boafrm/formFilter, for which no detailed...

CVE-2022-37292

Tenda AX12 V22.03.01.21CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub42FDE4 function, which satisfies the request of the upper-level interface function sub430124, that is, handles the post request under /goform/SetIpMacBind...

CVE-2025-50398

Mercury D196G d196gv1-cn-up2020-01-0911.21.44 is vulnerable to Buffer Overflow in the function sub404CAEDC via the parameter facpassword...

CVE-2025-50402

FAST FAC1200R F400FAC1200RQ is vulnerable to Buffer Overflow in the function sub80435780 via the parameter string facpassword...

FAST FAC1200R 安全漏洞

The FAST FAC1200R is a wireless router from China-based FAST FAST. A security vulnerability exists in the FAST FAC1200R that originates from a buffer overflow due to the parameter facpassword in the sub80435780 function...

TOTOLINK A7000R sub_4222E0 function stack buffer overflow vulnerability

TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the ssid5g parameter in the sub4222E0 function faili...

CVE-2025-63469

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub421BAC function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63466

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the password parameter in the sub426EF8 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

EUVD-2025-37368

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub421BAC function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63462

Totolink A7000R v9.1.0u.6115B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub421A04 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

PT-2025-44653

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description The software contains a stack overflow issue via the ssid parameter in the sub 422880 function. This can allow attackers to cause a Denial of Service DoS through a crafted request...

CVE-2025-63464

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub42396C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

PT-2025-44659

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description The software contains a stack overflow issue via the wifiOff parameter in the sub 4232EC function. This allows attackers to cause a Denial of Service DoS through a crafted request...

CVE-2025-63460

Totolink A7000R v9.1.0u.6115B20201022 was discovered to contain a stack overflow via the ssid5g parameter in the sub4222E0 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63465

Totolink LR350 v9.3.5u.6369B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub422880 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63462

Totolink A7000R v9.1.0u.6115B20201022 was discovered to contain a stack overflow via the wifiOff parameter in the sub421A04 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-41704

CVE-2025-41704 describes an unauthenticated DoS against the Modbus service by sending a crafted function and sub-function code. Public sources constrain affected products to Phoenix Contact and related QUINT4 modules, with references indicating multiple QUINT4-UPS/24DC/24DC/5/EIP, 10/EIP, and 20/...

PT-2025-41854

Name of the Vulnerable Software and Affected Versions Modbus affected versions not specified Description An unauthenticated remote attacker can cause a denial of service DoS condition affecting the Modbus service. This is achieved by sending a specific function and sub-function code. The core...