Vuldb Updates

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been classified as critical. This impacts an unknown function of the component GET Handler. This manipulation causes command injection. The identification of this vulnerability is CVE-2025-29519. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. This vulnerability affects unknown code of the component Maintenance Module. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2025-29520. The attack may be launched remotely. There is no exploit available.

A vulnerability described as very critical has been identified in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. Impacted is an unknown function. Such manipulation leads to use of default credentials. This vulnerability is documented as CVE-2025-29521. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as critical was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. The impacted element is the function ping. Executing manipulation can lead to command injection. This vulnerability appears as CVE-2025-29522. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as critical has been found in Biosig libbiosig 3.9.0. This vulnerability affects unknown code of the file biosig.c of the component MFER Parser. This manipulation causes stack-based buffer overflow. This vulnerability appears as CVE-2025-54489. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in Biosig libbiosig 3.9.0. This issue affects some unknown processing of the file biosig.c of the component MFER Parser. Such manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-54490. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Biosig libbiosig 3.9.0. Impacted is an unknown function of the file biosig.c of the component MFER Parser. Performing manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2025-54491. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability, which was classified as critical, was found in Biosig libbiosig 3.9.0. The affected element is an unknown function of the file biosig.c of the component MFER Parser. Executing manipulation can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2025-54492. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in Biosig libbiosig 3.9.0 and classified as critical. The impacted element is an unknown function of the file biosig.c of the component MFER Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-54493. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in Biosig libbiosig 3.9.0 and classified as critical. This affects an unknown function of the file biosig.c of the component MFER Parser. The manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2025-54494. The attack may be performed from remote. There is no available exploit.

A vulnerability, which was classified as critical, has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument ipRangeBlockRuleName/scheduleIp/ipRangeBlockRuleIpAddr results in stack-based buffer overflow. This vulnerability was named CVE-2025-9361. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-9362. The attack may be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. This affects the function portTriggerManageRule of the file /goform/portTriggerManageRule. The manipulation of the argument triggerRuleName/schedule leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2025-9363. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been declared as critical. Affected is an unknown function of the file config.xgi of the component Web Request Handler. Such manipulation leads to improper access controls. This vulnerability is referenced as CVE-2025-29514. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the file DELT_file.xgi of the component XML Database Handler. Performing manipulation results in improper access controls. This vulnerability is identified as CVE-2025-29515. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. Affected by this issue is some unknown functionality of the component Backup Handler. Executing manipulation can lead to command injection. This vulnerability is tracked as CVE-2025-29516. The attack can be launched remotely. No exploit exists.

A vulnerability identified as critical has been detected in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. This affects the function traceroute6. The manipulation leads to command injection. This vulnerability is listed as CVE-2025-29517. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as critical has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument dir/sFromPort/sToPort/dFromPort/dToPort/protocol/layer7/dscp/remark_dscp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-9392. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability identified as critical has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument profile_name/Ssid/wep_key_1/wep_key_2/wep_key_3/wep_key_4/wep_key_length/wep_default_key/cipher/passphrase results in stack-based buffer overflow. This vulnerability is known as CVE-2025-9393. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function accessControlAdd of the file /goform/accessControlAdd. Such manipulation of the argument ruleName/schedule leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-9360. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.