10 matches found
TOTOLINK X5000R Security Vulnerability
TOTOLINK X5000R is a router produced by TOTOLINK, a Chinese company. The TOTOLINK X5000R V9.1.0cu.2415_B20250515 version contains a security vulnerability. This vulnerability stems from insufficient boundary checking of the CONTENT_LENGTH environment variable in the /cgi-bin/cstecgi.cgi file. It ma...
CVE-2025-67445
CVE-2025-67445 affects TOTOLINK X5000R (v9.1.0cu.2415_B20250515) in the /cgi-bin/cstecgi.cgi CGI. The issue stems from reading CONTENT_LENGTH and calling malloc(CONTENT_LENGTH + 1) without proper bounds checks. A crafted large POST request can exhaust memory or cause a segmentation fault when the...
EUVD-2015-3369
Malware in sbrugna...
PT-2025-28805 · D Link · D-Link Dir-825
Name of the Vulnerable Software and Affected Versions: D-Link DIR-825 version 2.10. Description: A critical vulnerability exists in the D-Link DIR-825 router. This issue affects the sub_410DDC function within the switch_language.cgi file of the httpd component. Manipulation of the Language paramet...
Memory corruption
The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed ...
Design/Logic Flaw
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The network pre-shared key field on the web interface is vulnerable to XSS. An attacker can use a simple XSS payload to crash the basic.config page of the web interface...
Fortinet FortiOS Denial of Service Vulnerability (CNVD-2017-35607)
FortiOS is an intuitive operating system that lets you control all security and networking features of all FortiGates throughout your network. A denial of service vulnerability exists in Fortinet FortiOS. A remote authenticated user can cause the target web interface to be temporarily unavailable...
MileSight camera Web UI CGI Buffer Overflow Vulnerability
MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. A Web UI CGI buffer overflow vulnerability exists in MileSight camera. An attacker can exploit the vulnerability to cause the camera's web interface to crash and remotely execute arbitrary code...
CVE-2015-3323
CVE-2015-3323 affects Lenovo ThinkServer System Manager (TSM) BMC in RD350, RD450, RD550, RD650 and TD350. The vulnerability is triggered by a malformed HTTP request during authentication, causing a denial of service by crashing the web interface. A fix is available in TSM firmware 1.27.73476 (an...
Design/Logic Flaw
The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelpEnglish.htm with a large integer in the Content-Length field...