Qmssdxn

Name of the Vulnerable Software and Affected Versions UTT HiPER 1200GW versions up to 2.5.3-170306 Description A remote buffer overflow exists in the `strcpy()` function of the file '/goform/formNatStaticMap' when the `NatBind` argument is manipulated. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** H3C Magic B1 versions up to 100R004 **Description** A flaw exists in H3C Magic B1 up to version 100R004. The issue involves a buffer overflow in the `sub 44de0` function within the `/goform/aspForm` file. Manipulation of the `param` argument can trigger this overflow, potentially allowing for remote exploitation. The exploit for this issue has been publicly released. The vendor was notified but did not respond. **Recommendations** Versions prior to 100R005 should be updated.

**Name of the Vulnerable Software and Affected Versions** Tenda AC21 version 16.03.08.16 **Description** A buffer overflow issue exists in the function `sub 45BB10` of the file `/goform/WifiExtraSet`. Manipulation of the `wpapsk crypto` argument can trigger this issue, allowing for remote exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tenda AC23 versions up to 16.03.07.52 **Description** A buffer overflow issue exists in the HTTP POST Request Handler component of Tenda AC23. The issue is due to the manipulation of the `startIp` argument within the `sscanf` function located in the /goform/SetPptpServerCfg file. This allows for remote exploitation. The exploit has been publicly disclosed. **Recommendations** Update Tenda AC23 to a version later than 16.03.07.52.

**Name of the Vulnerable Software and Affected Versions** H3C Magic B3 versions up to 100R002 **Description** A flaw exists in H3C Magic B3 that allows for remote buffer overflow. The issue is related to the `AddMacList` function within the `/goform/aspForm` file. Manipulation of the `param` argument can trigger the overflow. The exploit is publicly available. **Recommendations** Versions up to 100R002 should be updated to a newer, secure version when available. As a temporary workaround, consider restricting access to the `/goform/aspForm` file. Avoid using the `param` argument in the `AddMacList` function until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: UTT 1200GW versions up to 3.0.0-170831 Description: A buffer overflow weakness exists in UTT 1200GW up to version 3.0.0-170831. The issue is related to the manipulation of the `ssid` argument within the `/goform/ConfigWirelessBase` file. This manipulation can lead to a buffer overflow, and the attack can be initiated remotely. The exploit has been publicly released. The vendor was notified but did not respond. Recommendations: Versions prior to 3.0.0-170831 should be updated. As a temporary workaround, restrict access to the `/goform/ConfigWirelessBase` file to minimize the risk of exploitation. Avoid using the `ssid` parameter in the `/goform/ConfigWirelessBase` file until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: UTT 1200GW versions prior to 3.0.0-170831 Description: A security issue has been identified in UTT 1200GW. Manipulation of the `loadBalanceNameOld` argument in the `sub 4B48F8` function within the `/goform/formApLbConfig` file can lead to a buffer overflow. This issue may be exploited remotely. The exploit has been publicly disclosed. Recommendations: Versions prior to 3.0.0-170831: Update to version 3.0.0-170831 or later. As a temporary workaround, restrict access to the `/goform/formApLbConfig` file to minimize the risk of exploitation. Avoid using the `loadBalanceNameOld` parameter in the affected function `sub 4B48F8` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-823X versions up to 250416 **Description** A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the `sub 415028` function of the `/goform/set static leases` file. Manipulation of the `Hostname` argument can lead to command injection, potentially granting unauthenticated attackers full device control. The exploit for this issue has been publicly disclosed. **Recommendations** D-Link DIR-823X versions up to 250416: Update the firmware to address the vulnerability. D-Link DIR-823X versions up to 250416: Disable WAN administration access. D-Link DIR-823X versions up to 250416: Restrict management access to the LAN.

**Name of the Vulnerable Software and Affected Versions** Telesquare TLR-2005KSH version 1.2.4 **Description** A vulnerability exists in Telesquare TLR-2005KSH version 1.2.4. The issue is related to command injection in the `/cgi-bin/internet.cgi?Command=lanCfg` file through manipulation of the `Hostname` argument. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LB-LINK BL-X26 version 1.2.8 **Description** A weakness exists in the HTTP Handler component due to the manipulation of the `enable` argument within the `/goform/set hidessid cfg` file, leading to os command injection. This issue can be exploited remotely. The exploit has been made publicly available. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: DCN DCME-720 version 9.1.5.11 Description: A vulnerability exists in DCN DCME-720 version 9.1.5.11 related to OS command injection. The issue is located in the Web Management Backend component, specifically within the file `/usr/local/www/function/audit/newstatistics/ip block.php`. Manipulation of the `ip` argument can lead to the execution of arbitrary OS commands. The attack can be initiated remotely. The exploit has been made public. Recommendations: As a temporary workaround, consider restricting access to the `/usr/local/www/function/audit/newstatistics/ip block.php` file until a patch is available.

Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.630 B20250509 Description: A security flaw exists in TOTOLINK A720R 4.1.5cu.630 B20250509. The issue affects the `setParentalRules` function within the `/cgi-bin/cstecgi.cgi` file and allows for remote buffer overflow attacks through manipulation of the `desc` argument. The exploit for this issue has been publicly released. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LB-LINK BL-X26 version 1.2.8 **Description** A security issue has been identified in LB-LINK BL-X26 version 1.2.8 related to the HTTP Handler component. Manipulation of the `mac` argument in the `/goform/set blacklist` file can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/goform/set blacklist` file to minimize the risk of exploitation. Avoid using the `mac` parameter in the affected `/goform/set blacklist` API endpoint until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection vulnerability exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the `/admin/email setup.php` file. Manipulation of the `Name` argument can lead to SQL injection, allowing for remote exploitation. The exploit for this issue has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability exists in itsourcecode Online Tour and Travel Management System 1.0, affecting an unknown functionality within the `/admin/booking report.php` file. Manipulation of the `from date` argument can lead to a SQL injection. The attack can be launched remotely, and the exploit has been publicly disclosed. Recommendations: For itsourcecode Online Tour and Travel Management System version 1.0, sanitize the `from date` input to prevent SQL injection. As a temporary workaround, restrict access to the `/admin/booking report.php` file.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A vulnerability was identified in the processing of the file `/admin/sms setting.php`. Manipulation of the `uname` argument leads to a SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System 1.0, specifically within the `/admin/expense report.php` file. Manipulation of the `from date` argument allows for remote exploitation. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Tenda AC20 versions prior to 16.03.08.13 Description: A vulnerability exists in Tenda AC20 routers due to a buffer overflow in the `strcpy` function within the `/goform/saveParentControlInfo` file. Manipulation of the `Time` argument leads to the overflow, and the attack can be launched remotely. The exploit for this issue has been publicly disclosed. Recommendations: Update Tenda AC20 to version 16.03.08.13 or later.

Name of the Vulnerable Software and Affected Versions: Tenda AC20 versions up to 16.03.08.12 Description: A vulnerability exists in Tenda AC20. The manipulation of the `shareSpeed` argument in an unknown function within the `/goform/WifiGuestSet` file leads to a buffer overflow. The attack can be executed remotely, and the exploit has been publicly disclosed and may be used. Recommendations: Tenda AC20 versions prior to 16.03.08.12: Update to version 16.03.08.12 or later. As a temporary workaround, consider restricting access to the `/goform/WifiGuestSet` file to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Wavlink WL-NU516U1 M16U1 V240425 Description: A vulnerability exists due to command injection. The issue is located in the `/cgi-bin/wireless.cgi` file and impacts the `sub 4032E4` function. Manipulation of the `Guest ssid` argument can lead to command injection, and the attack is possible remotely. The exploit has been publicly disclosed. Recommendations: As a temporary workaround, consider restricting access to the `/cgi-bin/wireless.cgi` file until a patch is available. Avoid using the `Guest ssid` argument in the affected file until the issue is resolved.