Lucene search
+L

3983 matches found

EUVD
EUVD
added 2026/06/19 12:0 a.m.9 views

EUVD-2026-38052

In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...

6.5AI score0.00584EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 12:0 a.m.7 views

CVE-2026-51843

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...

6.2AI score0.00384EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50966

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow occurs in the '/goform/AdvSetMacMtuWan' endpoint through the wanMTU parameter. A stack buffer overflow is a condition where a program writes more data to a buffer located on the...

9.8CVSS6.4AI score0.00384EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-50969

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...

9.8CVSS6.4AI score0.00584EPSS
Exploits1References5
NVD
NVD
added 2026/06/17 1:19 p.m.11 views

CVE-2026-11410

An authenticated OS command injection vulnerability exists in the BigPond Cable BPA WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

8.5CVSS0.02787EPSS
Exploits0References3
CVE
CVE
added 2026/06/16 9:3 p.m.18 views

CVE-2026-11410

The CVE-2026-11410 entry concerns TL-WR940N v6 (BigPond Cable BPA WAN config) with an authenticated OS command injection caused by improper input sanitization in the configuration module. An administrator can trigger arbitrary command execution with elevated privileges on the device via the BPA W...

8.5CVSS5.8AI score0.02787EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2026/06/16 6:5 a.m.15 views

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262 , carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of Cisco Catalyst SD-WAN...

6.5CVSS5.8AI score0.07683EPSS
Exploits2
Cvelist
Cvelist
added 2026/06/15 4:21 p.m.55 views

CVE-2026-20262 Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...

6.5CVSS0.07683EPSS
Exploits2References1
CVE
CVE
added 2026/06/15 4:21 p.m.209 views

CVE-2026-20262

Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) exposes an Arbitrary File Write vulnerability in its web UI. An authenticated, lower-privileged user can craft requests to a file-upload API endpoint to create/overwrite files on the OS, with potential for root escalation. Cisco has released...

6.5CVSS5.5AI score0.07683EPSS
In wildExploits2References2Affected Software1
CISA
CISA
added 2026/06/15 12:0 p.m.167 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-20262link is external Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability CVE-2026-54420link is external LiteSpeed cPanel Plugin UNIX...

8.5CVSS5.4AI score0.07683EPSS
In wildExploits5References8
VulnCheck KEV
VulnCheck KEV
added 2026/06/15 12:0 a.m.41 views

VulnCheck KEV: CVE-2026-20262

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...

6.5CVSS5.5AI score0.07683EPSS
In wildExploits2References4
GithubExploit
GithubExploit
added 2026/06/14 10:23 a.m.135 views

Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager

🚨 CVE-2026-20245 - Cisco Catalyst SD-WAN Manager Privilege Esc...

7.8CVSS6.8AI score0.25323EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/06/10 3:42 p.m.73 views

Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20245 - Cisco SD-WAN Privilege Escalation Exploit !...

7.8CVSS6AI score0.25323EPSS
Exploits2
Cvelist
Cvelist
added 2026/06/09 6:9 p.m.43 views

CVE-2026-10045 CVE-2026-10045

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

0.00209EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/06/09 12:0 a.m.8 views

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system...

7.8CVSS6.2AI score0.25323EPSS
In wildExploits2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.7 views

Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation (cisco-sa-sdwan-privesc-4uxFrdzx)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD- WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly...

7.8CVSS6.5AI score0.25323EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.19 views

CVE-2026-20209

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive...

5.4CVSS5.5AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.13 views

CVE-2026-0244

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.5AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.11 views

CVE-2026-7136

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os command injection. The attack may be launched...

10CVSS7.4AI score0.01766EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-6194

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

9CVSS8AI score0.00472EPSS
Exploits0References1
Rows per page
Query Builder