Lucene search
K
Bdu FstecRecent

90709 matches found

BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator allows a attacker to execute SQL injections.

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute SQL...

9CVSS5.9AI score0.00404EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator allows a attacker to perform cross-site scripting (XSS) attacks.

The vulnerability of the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

5.5CVSS5.6AI score0.00223EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator allows a attacker to execute SQL injections.

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute SQL...

9CVSS5.9AI score0.00404EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability in the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator allows a attacker to execute SQL injections.

The vulnerability of the web interface of the software-defined networking management software HPE Aruba Networking EdgeConnect SD-WAN Orchestrator is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute SQL...

9CVSS5.9AI score0.00404EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the Windows Management Services management tool allows a perpetrator to disclose sensitive information that is protected by this tool.

The vulnerability of the Windows Management Services management tool for operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS5.7AI score0.00614EPSS
Exploits0References2Affected Software13
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the Win32k.sys component in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the Win32k.sys component in Windows operating systems is related to the repeated release of memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS5.8AI score0.00375EPSS
Exploits0References2Affected Software8
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the centreon-awie component of the Centreon software for monitoring IT infrastructure allows a hacker to gain unauthorized access to protected information.

The vulnerability of the centreon-awie component of the Centreon IT infrastructure monitoring software is related to the lack of authentication for a critical function. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS5.8AI score0.00373EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

Vulnerability of the gdi_set_bounds() function in RDP clients of FreeRDP, allowing attackers to execute arbitrary code and cause service interruptions

The vulnerability of the gdisetbounds function in the RDP client of FreeRDP is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

7.8CVSS7.7AI score0.00402EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise, related to memory usage after it is released, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise lies in the use of memory after it is released. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.00429EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise, related to unreliable pointer aliasing, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise is related to an unreliable pointer assignment mechanism. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS6AI score0.00526EPSS
Exploits0References2Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

Vulnerability of the gdi_SurfaceToSurface() function in the RDP client of FreeRDP, allowing a hacker to execute arbitrary code and cause service failure

The vulnerability of the gdiSurfaceToSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure...

7.8CVSS8AI score0.00434EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

Vulnerability of the update_pointer_new() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and cause a service failure

The vulnerability of the updatepointernew function in the RDP client FreeRDP relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failure...

7.8CVSS7.7AI score0.00402EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the ABB Ability OPTIMAX system, related to deficiencies in the implementation of authentication algorithms, allows attackers to bypass existing security mechanisms and gain unauthorized access to the system.

The vulnerability of the ABB Ability OPTIMAX system management system is related to deficiencies in the implementation of authentication algorithms. Exploiting this vulnerability could allow an attacker, operating remotely, to bypass existing security mechanisms and gain unauthorized access to th...

8.1CVSS5.8AI score0.0039EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

The vulnerability of the JavaScript and TypeScript Deno execution environment’s crypto module allows attackers to exploit it to disclose sensitive information through brute-force attacks.

The vulnerability of the JavaScript and TypeScript Deno execution environment’s crypto module is related to the absence of the necessary encryption step. Exploiting this vulnerability allows a remote attacker to disclose sensitive information by performing a brute-force attack...

8.6CVSS5.9AI score0.00195EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the access controller service allows attackers to exploit the Capability Access Management Service (camsvc) of Windows operating systems, thereby enabling them to increase their privileges.

The vulnerability of the access controller service, which allows access to the Capability Access Management Service camsvc of Windows operating systems, arises due to a race condition. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7CVSS5.8AI score0.00219EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the MSL (Magick Scripting Language) <write> command in the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure.

The vulnerability of the MSL Magick Scripting Language command in the console-based image editing tool ImageMagick is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00161EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of desktop window managers in Windows operating systems allows attackers to increase their privileges.

The vulnerability of desktop window managers in Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.1AI score0.03989EPSS
Exploits2References2Affected Software10
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

Vulnerability of the clear_decompress_residual_data() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and cause service failure

The vulnerability of the cleardecompressresidualdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

7.8CVSS7.9AI score0.00434EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

Vulnerability of the clear_decompress_bands_data() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and cause service failure

The vulnerability of the cleardecompressbandsdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service interruptions...

7.8CVSS7.9AI score0.00434EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

The vulnerability of the IntraService customer interaction system, related to the violation of data protection mechanisms, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IntraService customer interaction system is related to a breach in the data protection mechanism. Exploiting this vulnerability allows an attacker operating remotely to gain unauthorized access to protected information...

6.8CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

The vulnerability of the Naumen Service Desk system for automating IT and business processes lies in the insufficient verification of entered data, allowing a perpetrator to execute arbitrary codes.

The vulnerability of Naumen Service Desk in automating IT and business processes is related to insufficient verification of input data. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary codes...

10CVSS6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the strcpy() function in the microprogramming software for UTT 520W routers allows for the execution of arbitrary code by sending a specially crafted POST request.

The vulnerability of the strcpy function in the UTT 520W router’s microprogramming system is related to the operation of writing data outside the buffer during the processing of the hidcontact parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a...

9CVSS7.9AI score0.00837EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.5 views

The vulnerability of the Dell PowerScale OneFS operating system, related to synchronization errors when using shared resources (“Race Situation”), allows a perpetrator to trigger a service failure.

The vulnerability of the Dell PowerScale OneFS operating system is related to synchronization errors when using shared resources “Race Conditions”. Exploiting this vulnerability can allow a malicious actor to trigger service failures remotely...

3.5CVSS5.7AI score0.00162EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

The vulnerability of the clear_decompress() function in the RDP client FreeRDP allows a hacker to execute arbitrary code and trigger a service failure.

The vulnerability of the cleardecompress function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

7.8CVSS8AI score0.00443EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

The vulnerability of the Glyph_Alloc() function in the RDP client FreeRDP allows a hacker to trigger a service failure.

The vulnerability of the GlyphAlloc function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

5.3CVSS7.4AI score0.00481EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the Network Driver Interface Standard (NDIS) interface in Windows operating systems, which allows a hacker to disclose protected information

The vulnerability of the Network Driver Interface Standard NDIS in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

4.6CVSS6AI score0.00442EPSS
Exploits0References2Affected Software24
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the access controller service allows attackers to exploit the Capability Access Management Service (camsvc) of Windows operating systems, thereby enabling them to increase their privileges.

The vulnerability of the access controller service, which allows access to the Capability Access Management Service camsvc of Windows operating systems, arises due to a race condition. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server’s software packages, related to deserialization mechanism flaws, allows attackers to execute arbitrary code.

The vulnerability of Microsoft SharePoint Server and SharePoint Enterprise Server packages is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.4AI score0.2943EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.5 views

The vulnerability of the Dell PowerScale OneFS operating system, related to insufficient limit on authentication attempts, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Dell PowerScale OneFS operating system lies in the insufficient limitation on authentication attempts. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

8.1CVSS5.8AI score0.00367EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the Dell PowerScale OneFS operating system, related to the improper assignment of permissions for the critical resource, allows a perpetrator to trigger a service failure.

The vulnerability of the Dell PowerScale OneFS operating system is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker to trigger a service failure...

5CVSS5.8AI score0.00116EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of the Gardener-extension-provider extension controller, related to improper code generation, allows a malicious actor to execute arbitrary code.

The vulnerability of the Gardener-extension-provider extension controller is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.9CVSS7.7AI score0.00477EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the centreon-awie component of the Centreon software for monitoring IT infrastructure allows a hacker to execute arbitrary code.

The vulnerability of the centreon-awie component of the Centreon software for monitoring IT infrastructure is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created SQL...

10CVSS6.2AI score0.11204EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.2 views

The vulnerability of the ReadXBMImage() function in the console-based image editing tool ImageMagick allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ReadXBMImage function in the console-based ImageMagick graphics editor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

8.1CVSS7.5AI score0.00609EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the BilateralBlurImage method in the AcquireBilateralTLS function of the ImageMagick console graphics editor allows a hacker to cause a service failure.

The vulnerability of the BilateralBlurImage method in the AcquireBilateralTLS function of the ImageMagick console graphics editor is related to the release of an incorrect pointer. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

6.5CVSS5.8AI score0.00336EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.1 views

Vulnerability of the planar_decompress_plane_rle() function in the RDP client FreeRDP, allowing a hacker to execute arbitrary code and trigger a service failure

The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failure...

7.8CVSS8AI score0.00443EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.4 views

The vulnerability of Grafana Pyroscope’s continuous profiling software relates to the disclosure of information, which allows a perpetrator to access confidential data.

The vulnerability of Grafana Pyroscope’s continuous profiling software is related to the exposure of information. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...

9.4CVSS5.8AI score0.00406EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise, related to deficiencies in access control, allows attackers to bypass security restrictions.

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to bypass security restrictions...

7.8CVSS5.8AI score0.00406EPSS
Exploits0References2Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.4 views

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to writing beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS6.2AI score0.00186EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.5 views

The vulnerability of the strcpy() function in the /goform/formPptpClientConfig file of the UTT 520W router’s microprogramming software, which allows a attacker to cause a service failure.

The vulnerability of the strcpy function in the /goform/formPptpClientConfig file of the UTT 520W router microprogramming system is related to the issue where the operation’s output escapes the buffer and is stored in memory when processing the EncryptionMode parameter. Exploiting this...

9CVSS7.4AI score0.00583EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.2 views

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a system failure...

7.8CVSS6.3AI score0.00151EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.5 views

The vulnerability of the irp_thread_func() function in the RDP client of FreeRDP, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the irpthreadfunc function in the RDP client of FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

7.6CVSS7.7AI score0.00453EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.5 views

The vulnerability of the ndr_read_uint8Array() function in the RDP client of FreeRDP, allowing a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the ndrreaduint8Array function in the RDP client FreeRDP is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures remotely...

7.6CVSS7.7AI score0.00662EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.2 views

The vulnerability of the client for USB devices in the URBDRC RDP-client FreeRDP system allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

7.1CVSS7.6AI score0.00756EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.5 views

The vulnerability of the setWiFiEasyGuestCfg() function in TOTOLINK A3700R router software allows a hacker to trigger a service failure.

The vulnerability of the setWiFiEasyGuestCfg function in TOTOLINK A3700R router microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the ssid parameter. Exploiting this vulnerability could allow a remote attacker to cause service...

9CVSS7.5AI score0.00655EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.3 views

The vulnerability of the setWizardCfg() function in the TOTOLINK LR350 router’s microprogramming software allows a hacker to induce a service failure.

The vulnerability of the setWizardCfg function in TOTOLINK LR350 router microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the parameter ssid. Exploiting this vulnerability allows an attacker to cause a service failure by...

9CVSS7.5AI score0.00632EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.1 views

The vulnerability of the setWiFiEasyGuestCfg() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK LR350 router’s microprogramming software allows a hacker to induce a service failure.

The vulnerability of the setWiFiEasyGuestCfg function in the cgi-bin/cstecgi.cgi script of the TOTOLINK LR350 router’s microprogramming system is related to the issue of data leaving the buffer and being stored in memory when processing the ssid parameter. Exploiting this vulnerability could allo...

9CVSS7.4AI score0.00794EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.4 views

The vulnerability in the built-in heap profiler service of the Apache bRPC RPC framework allows a perpetrator to execute arbitrary commands.

The vulnerability of the built-in heap profiler RPC framework of Apache bRPC is related to the lack of measures taken to clean up data at the management level when processing the extraoptions parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS7.9AI score0.26163EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.4 views

The vulnerability of the setDiagnosisCfg() function in the microprogramming software of TOTOLINK LR350 allows a intruder to execute arbitrary commands.

The vulnerability of the setDiagnosisCfg function in TOTOLINK LR350 router microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

6.5CVSS6.9AI score0.02714EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.6 views

The vulnerability of the strcpy() function in the /goform/formUser file of the UTT 520W router’s microprogramming system, which allows a attacker to cause a service failure.

The vulnerability of the strcpy function in the /goform/formUser file of the UTT 520W router microprogramming system is related to the escape of the operation beyond the buffer in memory when processing the passwd1 parameter. Exploiting this vulnerability could allow a remote attacker to cause a...

9CVSS7.5AI score0.00783EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/01/20 12:0 a.m.3 views

The vulnerability in the downloadFile.cgi script of the TOTOLINK A810R router’s microprogramming software allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of the downloadFile.cgi script in the TOTOLINK A810R router’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

7.8CVSS6.4AI score0.00503EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities90709