19 matches found
CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
EUVD-2020-20472
Malware in sbrugna...
upload-server-for-novi-software-security
project: "TP-Link TL-WR841N Firmware Security Assessment" descr...
CVE-2020-23590
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp"...
CVE-2020-27980
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users...
CVE-2024-34195
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restriction on the wlanssid field. This oversight leads to potential buffer overflow under specific...
PT-2024-5934 · Totolink · Totolink Ac1200 Wireless Router
Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 Wireless Router A3002RU version V2.1.1-B20230720.1011 Description: The issue concerns a buffer overflow vulnerability related to the formWlEncrypt CGI handler in the boa program. This handler fails to limit the length of the...
TOTOLINK AC1200 Security Vulnerability
TOTOLINK AC1200 is a dual-band Wi-Fi router from China's Gion Electronics TOTOLINK. The TOTOLINK AC1200 suffers from a buffer overflow vulnerability that originates from the formWlEncrypt CGI handler in the boa program that fails to limit the length of the wlanssid field entered by the user. An...
PT-2024-25732 · Totolink · Totolink Ac1200 Wireless Router
Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 Wireless Router A3002R Firmware version 1.1.1-B20200824 Description: The issue is related to a Buffer Overflow vulnerability in the boa server program's CGI handling function formWlEncrypt, due to a lack of length restriction ...
CVE-2024-34196
Totolink AC1200 Wireless Dual Band Gigabit Router A3002RU_V3 firmware V3.0.0-B20230809.1615 is affected by a buffer overflow in the boa CGI, allowing an attacker to modify the vwlan_idx field via formMultiAP. By crafting malformed HTTP requests with a WLAN SSID exceeding the expected length, this...
CVE-2024-33820
Totolink AC1200 Wireless Dual Band Gigabit Router A3002RV4 Firmware V4.0.0-B20230531.1404 is vulnerable to Buffer Overflow via the formWlEncrypt function of the boa server. Specifically, the length of the wlanssid field triggers the overflow...
CVE-2020-23590
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp"...
Cross-site request forgery (CSRF)
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp"...
CVE-2020-23590
CVE-2020-23590 affects Optilink OP-XT71000N hardware v2.2 with firmware OP_V3.3.1-191028. A CSRF vulnerability allows an unauthenticated remote attacker to change the WLAN SSID password via the page endpoint wlwpa.asp. The issue is rated CVSS v3.1 base score 6.5 (Medium) with impact on integrity...
CVE-2020-23590
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp"...
CVE-2020-27980
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users...
Cross-site scripting
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users...
CVE-2020-27980
The CVE-2020-27980 entry refers to Genexis Platinum-4410 devices (P4410-V2-1.28) with a stored XSS vulnerability in the WLAN SSID parameter. The underlying issue is in how the SSID is handled, enabling an XSS popup that could affect all privileged users. Connected documents corroborate the produc...
Multiple Vulnerabilities in D'Link DIR-635
Device Name: DIR-635 Vendor: D-Link ============ Vulnerable Firmware Releases: ============ Firmware version: 2.34EU Hardware-Version: B1 Product page: DIR-635 ============ Vulnerability Overview: ============ Stored XSS - Status - WLAN - SSID Injecting scripts into the parameter...