CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/24 12:0 a.m.•6 views

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Version 1.12 of the Edimax EW-7438RPn contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter submit-url in the formAccept function of the component POST...

6.5CVSS6.6AI score0.01364EPSS

Exploits0References4

CNNVD•added 2026/05/24 12:0 a.m.•8 views

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Versions of Edimax EW-7438RPn prior to 1.31 contained a security vulnerability. This vulnerability stemmed from the formWirelessTbl function in the webs component files and/goform/formWirelessTbl, which handl...

9CVSS7.7AI score0.00589EPSS

Exploits0References6

EUVD•added 2026/05/08 6:32 a.m.•7 views

EUVD-2026-28528

A vulnerability has been found in Totolink X5000R 9.1.0u.6369B20230113. This vulnerability affects the function sub458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclos...

9CVSS5.9AI score0.00463EPSS

Exploits0References6

Cvelist•added 2026/05/08 4:0 a.m.•30 views

CVE-2026-8137 Totolink X5000R formDdns sub_458E40 buffer overflow

9CVSS0.00463EPSS

CVE•added 2026/05/08 4:0 a.m.•8 views

CVE-2026-8137

The CVE-2026-8137 entry affects Totolink X5000R (firmware 9.1.0u.6369_B20230113). The vulnerable component is the function sub_458E40 in /boafrm/formDdns, where manipulation of the submit-url argument causes a buffer overflow. Remote exploitation is possible, and the exploit has been disclosed pu...

9CVSS7.5AI score0.00463EPSS

Vulnrichment•added 2026/05/08 4:0 a.m.•4 views

CVE-2026-8137 Totolink X5000R formDdns sub_458E40 buffer overflow

9CVSS7.5AI score0.00463EPSS

CNNVD•added 2026/05/08 12:0 a.m.•6 views

TOTOLINK X5000R 缓冲区错误漏洞

The TOTOLINK X5000R is a router produced by TOTOLINK, a Chinese electronics company. The version 9.1.0u.6369B20230113 of the Totolink X5000R contains a buffer error vulnerability. This vulnerability stems from improper handling of the submit-url parameter in the function sub458E40 within the...

9CVSS7.7AI score0.00463EPSS

Exploits0References1

RedhatCVE•added 2026/04/29 8:48 p.m.•1 views

CVE-2026-7289

A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

9CVSS8.6AI score0.0069EPSS

RedhatCVE•added 2026/04/29 2:48 p.m.•1 views

CVE-2026-7288

A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed t...

9CVSS8.3AI score0.0069EPSS

NVD•added 2026/04/28 3:16 p.m.•3 views

CVE-2026-7288

9CVSS0.0069EPSS

NVD•added 2026/04/28 3:16 p.m.•2 views

CVE-2026-7289

9CVSS0.0069EPSS

Vulnrichment•added 2026/04/28 3:1 p.m.•1 views

CVE-2026-7289 D-Link DIR-825M formWanConfigSetup sub_414BA8 buffer overflow

9CVSS8.6AI score0.0069EPSS

CVE•added 2026/04/28 3:1 p.m.•8 views

CVE-2026-7289

The CVE-2026-7289 entry concerns D-Link DIR-825M (firmware version 1.1.12). A vulnerability in the function sub_414BA8 of /boafrm/formWanConfigSetup allows manipulation of the submit-url argument to trigger a buffer overflow, enabling a remote attack. Public exploitation appears to be available. ...

9CVSS8.6AI score0.0069EPSS

Exploits1References5Affected Software1

EUVD•added 2026/04/28 2:46 p.m.•2 views

EUVD-2026-26067

9CVSS8.3AI score0.0069EPSS

CNNVD•added 2026/04/28 12:0 a.m.•7 views

D-Link DIR-825M 缓冲区错误漏洞

The D-Link DIR-825M is a router produced by D-Link Corporation. Version 1.1.12 of the D-Link DIR-825M contains a buffer overflow vulnerability. This vulnerability arises from the parameter submit-url in the function sub4151FC in the file /file/boafrm/formVpnConfigSetup, which leads to a buffer...

9CVSS7.8AI score0.0069EPSS

Exploits1References2

CNNVD•added 2026/04/28 12:0 a.m.•6 views

D-Link DIR-825M 缓冲区错误漏洞

The D-Link DIR-825M is a router produced by D-Link Corporation. Version 1.1.12 of the D-Link DIR-825M contains a buffer overflow vulnerability. This vulnerability arises from the parameter submit-url in the function sub414BA8 within the file /file/boafrm/formWanConfigSetup, which leads to a buffe...

9CVSS7.8AI score0.0069EPSS

Exploits1References2

RedhatCVE•added 2026/02/24 1:34 a.m.•3 views

CVE-2026-2960

A flaw has been found in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub468D64 of the file /boafrm/formDhcpv6s. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and...

9CVSS8.8AI score0.00728EPSS

RedhatCVE•added 2026/02/24 1:34 a.m.•6 views

CVE-2026-2962

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

9CVSS8.6AI score0.03384EPSS

RedhatCVE•added 2026/02/24 1:34 a.m.•6 views

CVE-2026-2961

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried...

9CVSS8.7AI score0.0341EPSS