2218 matches found
Wavlink AC3000 qos.cgi qos_sta_settings() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2048 Wavlink AC3000 qos.cgi qosstasettings buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39299 SUMMARY A buffer overflow vulnerability exists in the qos.cgi qosstasettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...
Wavlink AC3000 openvpn.cgi openvpn_server_setup() Configuration Control Vulnerabilities
Talos Vulnerability Report TALOS-2024-2050 Wavlink AC3000 openvpn.cgi openvpnserversetup Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39798,CVE-2024-39800,CVE-2024-39799 SUMMARY Multiple external config control vulnerabilities exists in the openvpn.cgi...
Wavlink AC3000 nas.cgi set_nas() samba Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2052 Wavlink AC3000 nas.cgi setnas samba Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39602 SUMMARY An external config control vulnerability exists in the nas.cgi setnas functionality of Wavlink AC3000 M33A8.V5030.210505. A special...
Wavlink AC3000 adm.cgi set_wzdap() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2027 Wavlink AC3000 adm.cgi setwzdap buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39358 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi set_sys_adm() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2030 Wavlink AC3000 adm.cgi setsysadm buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39774 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi set_TR069() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2029 Wavlink AC3000 adm.cgi setTR069 buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37357 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 testsave.sh Information Disclosure vulnerability
Talos Vulnerability Report TALOS-2024-2035 Wavlink AC3000 testsave.sh Information Disclosure vulnerability January 14, 2025 CVE Number CVE-2024-39773 SUMMARY An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 internet.cgi set_add_routing() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2021 Wavlink AC3000 internet.cgi setaddrouting buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39288 SUMMARY A buffer overflow vulnerability exists in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 adm.cgi set_MeshAp() arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2024-2031 Wavlink AC3000 adm.cgi setMeshAp arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2024-39370 SUMMARY An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 login.cgi Unauthenticated Firmware Upload vulnerability
Talos Vulnerability Report TALOS-2024-2036 Wavlink AC3000 login.cgi Unauthenticated Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39608 SUMMARY A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 usbip.cgi set_info() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2045 Wavlink AC3000 usbip.cgi setinfo buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36272 SUMMARY A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi set_TR069() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2028 Wavlink AC3000 adm.cgi setTR069 command injection vulnerability January 14, 2025 CVE Number CVE-2024-21797 SUMMARY A command execution vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...
Wavlink AC3000 login.cgi set_sys_init() command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2018 Wavlink AC3000 login.cgi setsysinit command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39759,CVE-2024-39761,CVE-2024-39760 SUMMARY Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlin...
Wavlink AC3000 internet.cgi set_qos() buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2024-2022 Wavlink AC3000 internet.cgi setqos buffer overflow vulnerabilities January 14, 2025 CVE Number CVE-2024-39768,CVE-2024-39770,CVE-2024-39769 SUMMARY Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000...
Wavlink AC3000 fw_check.sh Firmware Upload vulnerability
Talos Vulnerability Report TALOS-2024-2037 Wavlink AC3000 fwcheck.sh Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39273 SUMMARY A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can...
Wavlink AC3000 login.cgi Goto_chidx() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2019 Wavlink AC3000 login.cgi Gotochidx buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36290 SUMMARY A buffer overflow vulnerability exists in the login.cgi Gotochidx functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 wctrls static login vulnerability
Talos Vulnerability Report TALOS-2024-2034 Wavlink AC3000 wctrls static login vulnerability January 14, 2025 CVE Number CVE-2024-39754 SUMMARY A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead ...
Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 touchlist_sync.cgi main() arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2024-1999 Wavlink AC3000 touchlistsync.cgi main arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2022-2488 SUMMARY An arbitrary code execution vulnerability exists in the touchlistsync.cgi main functionality of Wavlink AC3000...
OFFIS DCMTK nowindow improper array index validation vulnerability
Talos Vulnerability Report TALOS-2024-2122 OFFIS DCMTK nowindow improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-47796 SUMMARY An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM fi...
OFFIS DCMTK determineMinMax improper array index validation vulnerability
Talos Vulnerability Report TALOS-2024-2121 OFFIS DCMTK determineMinMax improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-52333 SUMMARY An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially...
Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability
Talos Vulnerability Report TALOS-2024-2089 Progress WhatsUp Gold SnmpExtendedActiveMonitor path traversal vulnerability January 8, 2025 CVE Number CVE-2024-12105 SUMMARY A path traversal vulnerability exists in the handling of SnmpExtendedActiveMonitor requests in Progress WhatsUp Gold 24.0.1 Bui...
Foxit Reader Checkbox Calculate CBF_Widget Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2024-2093 Foxit Reader Checkbox Calculate CBFWidget Use-After-Free Vulnerability December 18, 2024 CVE Number CVE-2024-49576 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially craft...
Foxit Reader 3D Page Object Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2024-2094 Foxit Reader 3D Page Object Use-After-Free Vulnerability December 18, 2024 CVE Number CVE-2024-47810 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code inside...
Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2024-2076 Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability December 11, 2024 CVE Number CVE-2024-49534 SUMMARY An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A font fil...
Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2024-2070 Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability December 11, 2024 CVE Number CVE-2024-49533 SUMMARY An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A font file with...
Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2024-2064 Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability December 11, 2024 CVE Number CVE-2024-49532 SUMMARY An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A...
GoCast NAT parameter OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1961 GoCast NAT parameter OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-29224 SUMMARY An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command...
GoCast HTTP API lack of authentication vulnerability
Talos Vulnerability Report TALOS-2024-1962 GoCast HTTP API lack of authentication vulnerability November 21, 2024 CVE Number CVE-2024-21855 SUMMARY A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary...
GoCast name parameter OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1960 GoCast name parameter OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-28892 SUMMARY An OS command injection vulnerability exists in the name parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary comman...
MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-1953 MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities November 21, 2024 CVE Number CVE-2024-28027,CVE-2024-28025,CVE-2024-28026 SUMMARY Three OS command injection vulnerabilities exist in the web interface I/O...
MC Technologies MC LR Router web interface configuration upload OS command injection vulnerability
Talos Vulnerability Report TALOS-2024-1954 MC Technologies MC LR Router web interface configuration upload OS command injection vulnerability November 21, 2024 CVE Number CVE-2024-21786 SUMMARY An OS command injection vulnerability exists in the web interface configuration upload functionality of...
LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability October 30, 2024 CVE Number CVE-2024-32946 SUMMARY A vulnerability in the LevelOne WBR-6012 router’s firmware version R0.40e6 allows sensitive information to be transmitted in cleartext v...
LevelOne WBR-6012 Web Application denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2001 LevelOne WBR-6012 Web Application denial of service vulnerability October 30, 2024 CVE Number CVE-2024-33623 SUMMARY A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP...
LevelOne WBR-6012 FTP improper input validation vulnerability
Talos Vulnerability Report TALOS-2024-1998 LevelOne WBR-6012 FTP improper input validation vulnerability October 30, 2024 CVE Number CVE-2024-33700 SUMMARY The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers...
LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability
Talos Vulnerability Report TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery CSRF vulnerability October 30, 2024 CVE Number CVE-2024-24777 SUMMARY A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e...
LevelOne WBR-6012 Web Application buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1997 LevelOne WBR-6012 Web Application buffer overflow vulnerability October 30, 2024 CVE Number CVE-2024-28052 SUMMARY The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while...
LevelOne WBR-6012 Web Application improper resource allocation vulnerability
Talos Vulnerability Report TALOS-2024-1982 LevelOne WBR-6012 Web Application improper resource allocation vulnerability October 30, 2024 CVE Number CVE-2024-31152 SUMMARY The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application,...
LevelOne WBR-6012 Web Application information disclosure vulnerability
Talos Vulnerability Report TALOS-2024-1985 LevelOne WBR-6012 Web Application information disclosure vulnerability October 30, 2024 CVE Number CVE-2024-33603 SUMMARY The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users ...
LevelOne WBR-6012 Web Application information disclosure vulnerability
Talos Vulnerability Report TALOS-2024-1986 LevelOne WBR-6012 Web Application information disclosure vulnerability October 30, 2024 CVE Number CVE-2024-33626 SUMMARY The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive...
LevelOne WBR-6012 Web Application weak authentication vulnerability
Talos Vulnerability Report TALOS-2024-1984 LevelOne WBR-6012 Web Application weak authentication vulnerability October 30, 2024 CVE Number CVE-2024-33699 SUMMARY The LevelOne WBR-6012 router’s web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the...
LevelOne WBR-6012 hard-coded password vulnerability
Talos Vulnerability Report TALOS-2024-1979 LevelOne WBR-6012 hard-coded password vulnerability October 30, 2024 CVE Number CVE-2024-28875,CVE-2024-31151 SUMMARY A security flaw involving hard-coded credentials in LevelOne WBR-6012’s web services allows attackers to gain unauthorized access during...
LevelOne WBR-6012 Web Application authentication bypass vulnerability
Talos Vulnerability Report TALOS-2024-1996 LevelOne WBR-6012 Web Application authentication bypass vulnerability October 30, 2024 CVE Number CVE-2024-23309 SUMMARY The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance ...
NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2012 NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0117 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99,...
NVIDIA D3D10 Driver Shader Functionality STORE_STRUCTURED instruction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2014 NVIDIA D3D10 Driver Shader Functionality STORESTRUCTURED instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0120 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10...
NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration
Talos Vulnerability Report TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration October 23, 2024 CVE Number CVE-2024-0118 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D...
NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1955 NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0121 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality SAMPLE instruction of NVIDIA D3D10 Driver NVIDIA D3D...
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2068 GNOME Project G Structured File Library libgsf Compound Document Binary File Directory integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-36474 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary File format...
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2069 GNOME Project G Structured File Library libgsf Compound Document Binary File Sector Allocation Table integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-42415 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary...