Total
1979 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9527 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-10-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ack_policy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-11386 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-10-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-11387 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-10-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-11388 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-10-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-54399 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | N/A | 8.8 HIGH |
| Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `ipaddr` request parameter for composing the `"ping -c <counts> <ipaddr> 2>&1 > %s &"` string. | |||||
| CVE-2025-54400 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | N/A | 8.8 HIGH |
| Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `counts` request parameter for composing the `"ping -c <counts> <ipaddr> 2>&1 > %s &"` string. | |||||
| CVE-2025-54401 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | N/A | 8.8 HIGH |
| Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` request parameter. | |||||
| CVE-2025-54402 | 1 Planet | 2 Wgr-500, Wgr-500 Firmware | 2025-10-09 | N/A | 8.8 HIGH |
| Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` and `ipaddr` request parameters combined. | |||||
| CVE-2025-11418 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1. This issue affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP Request Handler. The manipulation of the argument mit_ssid_index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2024-36468 | 1 Zabbix | 1 Zabbix | 2025-10-08 | N/A | 3.0 LOW |
| The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking. | |||||
| CVE-2025-59362 | 1 Squid-cache | 1 Squid | 2025-10-07 | N/A | 4.0 MEDIUM |
| Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c. | |||||
| CVE-2025-60660 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60662 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60663 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | N/A | 7.5 HIGH |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-60661 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | N/A | 5.3 MEDIUM |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function. | |||||
| CVE-2025-11324 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda AC18 15.03.05.19(6318). Affected by this vulnerability is an unknown functionality of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-11325 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). Affected by this issue is some unknown functionality of the file /goform/fast_setting_pppoe_set. Performing manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-11326 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda AC18 15.03.05.19(6318). This affects an unknown part of the file /goform/WifiMacFilterSet. Executing manipulation of the argument wifi_chkHz can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-11327 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda AC18 15.03.05.19(6318). This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-11328 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. | |||||