CVE-2025-49162

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename...

CVE-2020-29056

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices...

CVE-2024-23811

A vulnerability has been identified in SINEC NMS All versions V2.0 SP1. The affected application allows users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, that could potentially lead to remote code execution...

CVE-2009-2958

The tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a TFTP read aka RRQ request with a malformed blksize option...

ad20041011.txt

3Com 3CDaemon Multiple Vulnerabilities By Sowhat 04.JAN.2005 http://secway.org/advisory/ad20041011.txt I.T.S Security Research Team Product Affected: 3Com 3CDaemon 2.0 revision 10 Vendor: www.3Com.com 1 BACKGROUD 3CDaemon is a free popular TFTP, FTP, and Syslog daemon for Microsoft Windows...