CVE-2026-5830

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow

A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available...

PT-2026-31564

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.18 Description A stack-based buffer overflow exists in the websGetVar function of the /goform/SysToolChangePwd file. Manipulation of the oldPwd, newPwd, and cfmPwd arguments can trigger this issue. The attack can be...

CVE-2025-60699

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...

EUVD-2025-175365

A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the system.so binary. The setDiagnosisCfg function retrieves the ipDoamin parameter from user input via websGetVar and concatenates it directly into a ping system command executed via...

EUVD-2023-48231

Malicious code in bioql PyPI...

The vulnerability of the websGetVar function in the /goform/set_blacklist file of the LB-LINK router software allows a violator to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/setblacklist file of the LB-LINK router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system command. Exploiting this vulnerability can allow a remote attacker to gain ful...

The vulnerability of the websGetVar function in the /goform/set_manpwd file of the LB-LINK microprogramming system allows a hacker to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/setmanpwd file of the LB-LINK microprogramming system exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability can allow a malicious actor, operating...

The vulnerability of the websGetVar function in the /goform/set_cmd file of the LB-LINK microprogramming router software allows a hacker to gain full control over the device.

The vulnerability of the websGetVar function in the /goform/set command of the LB-LINK microprogramming device exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability can allow a malicious actor to gain full...

CVE-2025-1608

A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/setmanpwd. The manipulation of the argument routepwd leads to os command injection. It is possible to launch the attack remotely. The exploit has...

D-Link DIR-619L B1 websGetVar Method Buffer Overflow Vulnerability

The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the websGetVar method. No detailed vulnerability details are provided at this time...

The vulnerability of the websGetVar function in the D-Link DIR-619L router’s microprogramming software allows a hacker to induce a service failure.

The vulnerability of the websGetVar function in the D-Link DIR-619L router’s microprogramming system is related to the writing of data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...

CVE-2023-43868

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function...

CVE-2023-43868

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function...

Buffer overflow

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function...

D-Link DIR-619 缓冲区错误漏洞

The D-Link DIR-619L B1 is a series of routers from the Chinese company AUO D-Link. The D-Link DIR-619L B1 suffers from a buffer overflow vulnerability that stems from a buffer overflow issue in the websGetVar method. No detailed vulnerability details are provided at this time...

CVE-2023-43868

CVE-2023-43868 affects D-Link DIR-619L B1 firmware 2.02 (DIR-619L B1). The vulnerability is a buffer overflow in the websGetVar function. Public docs describe a buffer overflow condition that could enable remote exploitation leading to denial of service or service disruption; explicit exploit det...