Network-Device

A stack-based buffer overflow vulnerability (CVE-2026-10293) exists in UTT HiPER 1200GW up to version 2.5.3-170306 due to the strcpy function in /goform/formFireWall, allowing remote exploitation via manipulation of the Profile argument.

A stack-based buffer overflow vulnerability (CVE-2026-10123) exists in TRENDnet TEW-432BRP version 3.10B20 within the formSetDomainFilter function, allowing a remote attacker to execute arbitrary code by manipulating specific arguments in a request to /goform/formSetDomainFilter.

An authenticated remote attacker can exploit a vulnerability in Hirschmann HiSecOS to escalate privileges, potentially gaining unauthorized access and control over the affected system.

Totolink A8000RU version 7.1cu.643_b20200521 is vulnerable to remote command injection via the setOpenVpnCfg function, allowing unauthenticated attackers to execute arbitrary commands on the device.

Totolink A8000RU version 7.1cu.643_b20200521 is vulnerable to command injection via the setStaticDhcpRules function in the /cgi-bin/cstecgi.cgi file, allowing remote attackers to execute arbitrary OS commands by manipulating the 'enable' argument, and a public exploit is available.

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability (CVE-2026-9139) in the embedded web configuration interface, allowing unauthenticated attackers with network access to recover administrative credentials directly from client-side JavaScript and gain full administrative access to the device.

Huawei HG630 V2 router contains an authentication bypass vulnerability (CVE-2020-37220) that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number via the `/api/system/deviceinfo` endpoint and using the last 8 characters as the default password.

A command injection vulnerability (CVE-2026-7256) in Zyxel WRE6505 v2 firmware allows an adjacent attacker on the LAN to execute arbitrary OS commands by sending a crafted HTTP request.

A buffer overflow vulnerability exists in TRENDnet TEW-821DAP version 1.12B01, allowing a remote attacker to execute arbitrary code by manipulating the 'str' argument in the auto_update_firmware function of the Firmware Update component.

Zyxel released a security advisory on April 28, 2026, addressing command injection vulnerabilities across multiple versions of their 4G LTE/5G NR CPE, DSL/Ethernet CPE, Fiber ONTs, and Wireless Extender products, potentially allowing attackers to execute arbitrary commands.

D-Link DWM-222W USB Wi-Fi Adapter is vulnerable to brute-force attacks due to a protection bypass, allowing unauthenticated adjacent network attackers to gain control over the device by circumventing login attempt limits.

A buffer overflow vulnerability (CVE-2026-6560) in H3C Magic B0 up to 100R002 allows remote attackers to execute arbitrary code by manipulating the 'param' argument in the Edit_BasicSSID function of the /goform/aspForm file.

A remote OS command injection vulnerability (CVE-2026-5677) exists in the CsteSystem function of the /cgi-bin/cstecgi.cgi file in Totolink A7100RU firmware version 7.4cu.2313_b20191024 due to improper handling of the resetFlags argument.

Hirschmann EagleSDV devices are vulnerable to denial-of-service (DoS) attacks where a device crash can be triggered by establishing TLS 1.0 or TLS 1.1 connections, leading to service disruption.

A remote OS command injection vulnerability exists in the Linksys MR9600 router version 2.0.6.206937, allowing attackers to execute arbitrary commands by manipulating specific function arguments via the SmartConnect.lua file.

A remote OS command injection vulnerability exists in the Totolink A8000RU router version 7.1cu.643_b20200521, allowing attackers to execute arbitrary commands by manipulating the 'tty_server' argument in the 'setAdvancedInfoShow' function.

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 are vulnerable to OS command injection (CVE-2022-50994) in the CGI login handler, allowing unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter if the target account has MOTP enabled.