Aggregator

CVE-2025-8829 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto um_red hname os command injection

Vuldb Updates
1 month ago
A vulnerability categorized as critical has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function um_red of the file /goform/RP_setBasicAuto. The manipulation of the argument hname results in os command injection. This vulnerability is reported as CVE-2025-8829. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8830 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/setWan sub_3517C Hostname os command injection

Vuldb Updates
1 month ago
A vulnerability identified as critical has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function sub_3517C of the file /goform/setWan. This manipulation of the argument Hostname causes os command injection. This vulnerability appears as CVE-2025-8830. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8821 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasic bssid os command injection (EUVD-2025-24101)

Vuldb Updates
1 month ago
A vulnerability classified as critical was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RP_setBasic of the file /goform/RP_setBasic. Executing manipulation of the argument bssid can lead to os command injection. The identification of this vulnerability is CVE-2025-8821. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8820 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/wirelessBasic submit_SSID1 stack-based overflow (EUVD-2025-24102)

Vuldb Updates
1 month ago
A vulnerability classified as critical has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function wirelessBasic of the file /goform/wirelessBasic. Performing manipulation of the argument submit_SSID1 results in stack-based buffer overflow. This vulnerability was named CVE-2025-8820. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8822 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/setOpMode algDisable opMode stack-based overflow (EUVD-2025-24104)

Vuldb Updates
1 month ago
A vulnerability, which was classified as critical, has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2025-8822. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8823 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/setDeviceName os command injection (EUVD-2025-24103)

Vuldb Updates
1 month ago
A vulnerability, which was classified as critical, was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function setDeviceName of the file /goform/setDeviceName. The manipulation of the argument DeviceName results in os command injection. This vulnerability is identified as CVE-2025-8823. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8827 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto um_inspect_cross_band staticGateway os command injection (EUVD-2025-24107)

Vuldb Updates
1 month ago
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. It has been declared as critical. This affects the function um_inspect_cross_band of the file /goform/RP_setBasicAuto. Executing manipulation of the argument staticGateway can lead to os command injection. This vulnerability is registered as CVE-2025-8827. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-8825 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto staticIp/staticNetmask os command injection (EUVD-2025-24105)

Vuldb Updates
1 month ago
A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801 and classified as critical. The affected element is the function RP_setBasicAuto of the file /goform/RP_setBasicAuto. Such manipulation of the argument staticIp/staticNetmask leads to os command injection. This vulnerability is listed as CVE-2025-8825. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Empower Your Team with Better Secrets Management

Security Boulevard
1 month ago

How Essential is Effective Secrets Management in Today’s Cybersecurity Landscape? The management of Non-Human Identities (NHIs) and their secrets has become an increasingly important consideration. It comes as no surprise that many organizations, including those in the financial services, healthcare, travel, DevOps, and SOC teams, are recognizing the profound impact of effective secrets management on […]

The post Empower Your Team with Better Secrets Management appeared first on Entro.

The post Empower Your Team with Better Secrets Management appeared first on Security Boulevard.

Alison Mack

Innovations in Managing Non-Human Identities

Security Boulevard
1 month ago

Why is NHI Management Crucial in Today’s Expanding Digital Landscape? Have you ever considered how the rise in online and interconnected industries could be putting your company’s systems at risk? Where rapid technological advancements continue to transform industries and businesses, it becomes ever more crucial to consider the security implications that come along with these […]

The post Innovations in Managing Non-Human Identities appeared first on Entro.

The post Innovations in Managing Non-Human Identities appeared first on Security Boulevard.

Alison Mack

CVE-2021-38295 | Apache CouchDB up to 3.1.1 HTML Attachment HTML injection (Nessus ID 261272)

Vuldb Updates
1 month ago
A vulnerability classified as problematic was found in Apache CouchDB up to 3.1.1. Affected is an unknown function of the component HTML Attachment Handler. Such manipulation leads to HTML injection. This vulnerability is documented as CVE-2021-38295. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

Airline Disruption Recovery — How Agentic Identity Keeps Travel on Track

Security Boulevard
1 month ago

When flights get delayed, passengers want answers fast: rebooking, hotel vouchers, refund options. Human agents can’t scale to meet this surge, but AI agents can. The challenge? Identity.

The post Airline Disruption Recovery — How Agentic Identity Keeps Travel on Track appeared first on Strata.io.

The post Airline Disruption Recovery — How Agentic Identity Keeps Travel on Track appeared first on Security Boulevard.

Eric Olden

Managed ad