30 matches found
PT-2026-2074
Name of the Vulnerable Software and Affected Versions: airMAX AC versions 8.7.20 and earlier; airMAX M versions 6.3.22 and earlier; airFiber AF60-XG version 1.2.2 and earlier; airFiber AF60 versions 2.6.7 and earlier. Description: A malicious actor within Wi-Fi range could exploit a flaw in the airMAX...
CVE-2025-63292
Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...
EUVD-2024-35351
Malicious code in bioql PyPI...
SUSE-SU-2025:20351-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: - CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678) - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847) - CVE-2024-50115: KVM: nSV...
Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678); CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847); CVE-2024-50115: KVM: nSVM:...
Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001017 fixes several issues. The following security issues were fixed: CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()...
SUSE-SU-2025:01603-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506001011 fixes several issues. The following security issues were fixed: - CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233678). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()...
CVE-2024-13870
An improper access control vulnerability exists in Bitdefender Box 1 firmware version 1.3.52.928 and below that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires Bitdefender BOX t...
CVE-2024-13870
Bitdefender Box 1 devices with firmware 1.3.52.928 or earlier are affected by an improper access control vulnerability that permits an unauthenticated attacker in Wi‑Fi range to downgrade firmware to an older, potentially vulnerable Bitdefender‑signed version when the device is in Recovery Mode. ...
CVE-2024-13870 Unauthenticated Firmware Downgrade in Bitdefender Box v1
An improper access control vulnerability exists in Bitdefender Box 1 firmware version 1.3.52.928 and below that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires Bitdefender BOX t...
CVE-2024-35522
Netgear EX3700 (AC750) WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 and ap_24g_manual_sec set to NotNone...
CVE-2024-35522
CVE-2024-35522 affects NETGEAR EX3700 firmware prior to 1.0.0.98, which contains an authenticated command-injection vulnerability in the operating_mode.cgi script. The root cause is lack of input sanitization in the API handling the ap_mode/ap_24g_manual controls (ap_mode parameter with...
TOTOLINK EX1800T Security Vulnerability
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T langType parameter. An attacker can exploit this vulnerability to execute arbitrary commands on the system...
TOTOLINK EX1800T Security Vulnerability
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1800T suffers from a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands on the system...
PT-2023-9250 · Actiontec · Actiontec Wcb6200Q
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q (affected versions not specified). Description: The issue is related to a stack-based buffer overflow in the uh_get_postdata_withupload function of the HTTP server in Actiontec WCB6200Q Wi-Fi range extenders. This allows a...
CVE-2022-38956
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.11.1.9 and earlier...
CVE-2022-38955
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the CRC check. A successful attack can either introduce a backdoor to the device or make the...
CVE-2022-38956
The CVE-2022-38956 issue affects Netgear WPN824EXT WiFi Range Extender, specifically firmware versions 1.1.1 through 1.1.9 and earlier. The root cause is lack of integrity checks in the firmware update path, enabling a MITM attacker to downgrade the firmware by replacing the user-uploaded image w...