CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

CVE-2026-8190

The CVE-2026-8190 issue affects Wavlink NU516U1 M16U1_V240425, where the wan function in /cgi-bin/adm.cgi processes arguments ppp_username/ppp_passwd/rwan_ip/rwan_mask/rwan_gateway in a way that enables OS command injection. Remote exploitation is possible, and an exploit has been publicly disclo...

CVE-2026-24934

The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...

EUVD-2005-0329

Malware in sbrugna...

PT-2025-40814

Name of the Vulnerable Software and Affected Versions Belkin F9K1015 version 1.00.10 Description A flaw exists in Belkin F9K1015 version 1.00.10 that allows for command injection. The issue is located in the file /goform/formSetWanStatic. Manipulation of the m wan ipaddr argument can lead to remo...

Belkin F9K1122 Command Injection Vulnerability

The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a command injection vulnerability that originates from the incorrect operation of the parameters wanipaddr/wannetmask/wangateway/wlssid in the file /goform/formBSSetSitesurvey. An attacker can exploit this vulnerability...

[Full-Disclosure] Zonet ZSR1104WE Router problem

Zonet ZSR1104WE Router does not report inbound connections with their WAN ip address. All inbound connections are posted as the routers LAN address. This issue is a simple one. The ZSR1104WE router with the listed firmware / hardware will not report an inbound TCP/IP connections WAN address. We...