Aggregator

A vulnerability classified as critical has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. This vulnerability is registered as CVE-2026-5021. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Submit #778327 / VDB-350531

Submit #778327 / VDB-350531

Submit #778326 / VDB-350531

Submit #778326 / VDB-350531

Submit #778325 / VDB-350530

Submit #778325 / VDB-350530

Submit #778324 / VDB-350411

Submit #778324 / VDB-350411

A vulnerability described as critical has been identified in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. This vulnerability is cataloged as CVE-2026-5020. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #778323 / VDB-350411

Submit #778323 / VDB-350411

Submit #778321 / VDB-350410

Submit #778321 / VDB-350410

Submit #778320 / VDB-350409

Submit #778320 / VDB-350409

Submit #778319 / VDB-350408