PT-2025-3479 · Trendnet · Trendnet Tew-632Brp

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-632BRP version 1.010B31 Description: The issue is related to an OS command injection vulnerability in the CGl interface "ntp sync.cgi". This vulnerability allows remote attackers to execute arbitrary commands via the ntp server...

PT-2024-28265 · Wavlink · Wavlink Wn551K1

Name of the Vulnerable Software and Affected Versions: WAVLINK WN551K1 affected versions not specified Description: A command injection issue was discovered, which can be exploited through the IP parameter of the "/cgi-bin/touchlist sync.cgi" API endpoint. Recommendations: At the moment, there is...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

PT-2019-6344 · D Link · D-Link Dir-825

Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 versions 2.10 Description: The issue is related to the lack of input validation in the firmware of D-Link DIR-825 routers. This can be exploited by a remote attacker to execute arbitrary commands by sending a specially crafted...

Buffalo TeraStation TS-Series multiple vulnerabilities

Title: Buffalo TeraStation TS-Series multiple vulnerabilities Version affected: firmware version = 1.5.7 Vendor: http://www.buffalotech.com/products/network-storage Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched...

Buffalo TeraStation TS-Series - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Title: Buffalo TeraStation TS-Series multiple vulnerabilities Version affected: firmware version = 1.5.7 Vendor: http://www.buffalotech.com/products/network-storage Discovered by: Andrea Fabrizi Email: andrea.fabrizi gmail com Web:...