CVE-2026-27650

OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products...

EUVD-2026-16551

Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication...

CVE-2026-27650

OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products...

CVE-2019-16288

On Tenda N301 wireless routers, a long string in the wifiSSID parameter of a goform/setWifi POST request causes the device to crash...

EUVD-2017-6518

Malware in sbrugna...

EUVD-2025-19052

Malicious code in bioql PyPI...

EUVD-2023-30593

Malicious code in bioql PyPI...

EUVD-2023-31532

Malicious code in bioql PyPI...

Multiple vulnerabilities in ELECOM wireless LAN routers

Overview Multiple wireless LAN routers provided by ELECOM CO.,LTD. contain multiple vulnerabilities listed below. Hidden functionality CWE-912 - CVE-2025-46267 OS command injection in WebGUI CWE-78 - CVE-2025-53472 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC...

CVE-2025-6559

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...

CVE-2025-6559

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...

CVE-2025-6559 Sapido Wireless Router - OS Command Injection

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server. The affected models are out of support; replacing the device is recommended...

CVE-2025-5443

CVE-2025-5443 affects Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 (versions 1.0.013.001–1.2.07.001). The vulnerable component is the wirelessAdvancedHidden function in /goform/wirelessAdvancedHidden. Malicious manipulation of ExtChSelector/24GSelector/5GSelector leads to OS command injectio...

CVE-2025-5443 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 wirelessAdvancedHidden os command injection

A vulnerability, which was classified as critical, was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function wirelessAdvancedHidden of the file /goform/wirelessAdvancedHidden. The manipulation of the...

CVE-2023-26800

Ruijie Networks RG-EW1200 Wireless Routers EW3.01B11P204 was discovered to contain a command injetion vulnerability via the params.path parameter in the upgradeConfirm function...

[SECURITY] Fedora 42 Update: dropbear-2025.88-1.fc42

Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux or other Unix systems, such as wireless routers...

The vulnerability of the web interface of Microprogramming Software for WI-Fi routers from Sharp allows a hacker to elevate their privileges and execute arbitrary commands.

The vulnerability of the web interface of Microprogramming Software-based Wi-Fi routers from Sharp is related to insufficient protection of operational data during code debugging. Exploiting this vulnerability can allow a remote attacker to enhance their privileges and execute arbitrary commands...

IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024

Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras...

The vulnerability of the USER command processor in TP-Link VN020 F3v(T) wireless routers allows a hacker to cause a service failure.

The vulnerability of the USER command handler in TP-Link VN020 F3vT Wi-Fi routers lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to cause service failures remotely...

CVE-2024-45696

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded credentials. The telnet service enabled through this method can only be accessed from within the...