Lucene search
K

9 matches found

NVD
NVD
added 3 days ago10 views

CVE-2026-61875

luci-app-upnp contains a stored cross-site scripting vulnerability that allows unauthenticated LAN clients to inject JavaScript via UPnP IGD AddPortMapping SOAP requests. Attackers can send malicious HTML in the NewPortMappingDescription field, which miniupnpd stores and luci-app-upnp renders...

8.8CVSS0.00289EPSS
Exploits0References2
CVE
CVE
added 3 days ago17 views

CVE-2026-61875

The vulnerability is in luci-app-upnp (OpenWrt LuCI) and is a stored cross-site scripting (XSS) flaw in the UPnP IGD AddPortMapping SOAP request. An unauthenticated LAN client can submit malicious HTML in the NewPortMappingDescription field; miniupnpd stores it and luci-app-upnp renders it withou...

8.8CVSS6.1AI score0.00289EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 6:16 p.m.15 views

CVE-2026-36611

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

7.3CVSS0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.42 views

CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

0.00181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36611

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

7.3CVSS5.9AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.5 views

CVE-2023-35722

NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists withi...

8.8CVSS7.9AI score0.01258EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.16 views

NETGEAR RAX30 安全漏洞

The NETGEAR RAX30 is a wireless router from NETGEAR. The NETGEAR RAX30 suffers from a command injection vulnerability that stems from a command injection vulnerability when processing UPnP port mapping requests, which can be exploited by an attacker to execute arbitrary commands...

8.8CVSS8AI score0.01258EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/08 12:0 a.m.6 views

PT-2023-3417 · NetGear · Netgear Rax30

Name of the Vulnerable Software and Affected Versions: NETGEAR RAX30 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this issue. The...

8.8CVSS7.4AI score0.01258EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.313 views

openSUSE Security Update : tor (openSUSE-SU-2014:0719-1) (Heartbleed)

tor 0.2.4.22 bnc878486 Tor was updated to the recommended version of the 0.2.4.x series. - major features in 0.2.4.x : - improved client resilience - support better link encryption with forward secrecy - new NTor circuit handshake - change relay queue for circuit create requests from size-based...

7.5CVSS8AI score0.99999EPSS
Exploits88References3
Rows per page
Query Builder