CVE-2026-31548

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel pmsrfreewk in cfg80211pmsrwdevdown When the nl80211 socket that originated a PMSR request is closed, cfg80211releasepmsr sets the request's nlportid to zero and schedules pmsrfreewk to process the abort...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013237 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mes...

CVE-2026-23336

A flaw was found in the Linux kernel's cfg80211 component. This use-after-free vulnerability occurs when the rfkillblock work is not properly cancelled during the unregistration of a wireless device. A local attacker could potentially exploit this flaw, leading to a denial of service due to memor...

CVE-2026-4467 Comfast CF-AC100 mbox-config command injection

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4467

A vulnerability was found in Comfast CF-AC100 2.6.0.8. This impacts an unknown function of the file /cgi-bin/mbox-config?method=SET&section=wirelessdevicedissoc. The manipulation results in command injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

EUVD-2025-201295

When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset...

Hitachi TropOS 4th Gen 操作系统命令注入漏洞

Hitachi TropOS 4th Gen is a wireless communication device from Hitachi, Japan. An operating system command injection vulnerability exists in Hitachi TropOS 4th Gen. The vulnerability stems from a command injection in the Logging page of the Network Configuration Tool, which could lead to a...

EUVD-2006-5390

Malware in sbrugna...

EUVD-2016-9561

Malware in sbrugna...

AZL-77435 CVE-2023-53561 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix NULL pointer dereference when removing device In suspend and resume cycle, the removal and rescan of device ends up in NULL pointer dereference. During driver initialization, if the ipcimemwwanchannelinit fai...

CVE-2025-9586

CVE-2025-9586 affects Comfast CF-N1 firmware version 2.6.0. The vulnerability resides in the wireless_device_dissoc function of /usr/bin/webmgnt, where manipulating the mac argument leads to command injection. Exploitation appears feasible remotely, and public PoCs/exploits exist. Multiple connec...

Huawei EnzoH OS Command Injection Vulnerability

Huawei EnzoH is a wireless access device from Huawei China. Huawei EnzoH suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary command execution...

Huawei EnzoH 安全漏洞

Huawei EnzoH is a wireless access device from Huawei China. Huawei EnzoH suffers from an operating system command injection vulnerability that can be exploited by an attacker to cause arbitrary command execution...

Honeywell Experion Server 安全漏洞

Honeywell Experion Server is a high-performance industrial control system server from Honeywell USA for the Experion Process Knowledge System PKS platform. A security vulnerability exists in Honeywell Experion Server PKS versions 520.1 to 520.2 TCU9 HF1 and 530 to 530 TCU3, and OneWireless WDM...

KAON KCM3100 安全漏洞

KAON KCM3100 is a WiFi device from KAON Japan. A security vulnerability exists in KAON KCM3100 Ver1.4.2 and earlier versions, which stems from an authentication bypass that could lead to unauthorized access...

CVE-2022-37092

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById...

TOTOLINK CA600-PoE CloudSrvUserdataVersionCheck function url parameter command injection vulnerability

TOTOLINK CA600-PoE is an outdoor wireless AP/CPE device from China Gion Electronics TOTOLINK. TOTOLINK CA600-PoE suffers from a command injection vulnerability that stems from the CloudSrvUserdataVersionCheck function url parameter failing to correctly filter constructed command special character...

TOTOLINK CPE CP900 setApRebootScheCfg Function Command Injection Vulnerability

TOTOLINK CPE CP900 is an outdoor wireless CPE device from China Gion Electronics TOTOLINK. The TOTOLINK CPE CP900 suffers from a command injection vulnerability that stems from the setApRebootScheCfg function failing to correctly filter construct command special characters, commands, etc. No...

TOTOLINK CA600-PoE setWebWlanIdx Function Command Injection Vulnerability

TOTOLINK CA600-PoE is an outdoor wireless AP/CPE device from China Gion Electronics TOTOLINK. TOTOLINK CA600-PoE suffers from a command injection vulnerability that stems from the setWebWlanIdx function failing to properly filter construct command special characters, commands, etc. No detailed...