Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-23103

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-05 Aug, 2022 | 21:12
Updated At-15 Apr, 2025 | 18:58
Rejected At-
Credits

A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:05 Aug, 2022 | 21:12
Updated At:15 Apr, 2025 | 18:58
Rejected At:
▼CVE Numbering Authority (CNA)

A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Affected Products
Vendor
TCLTCL
Product
LinkHub Mesh Wifi
Versions
Affected
  • MS1G_00_01.00_14
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121: Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121: Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.08.8HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462
x_refsource_MISC
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462
x_refsource_MISC
x_transferred
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:05 Aug, 2022 | 22:15
Updated At:08 Aug, 2022 | 18:36

A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.08.8HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
TCL
tcl
>>linkhub_mesh_wifi_ac1200>>ms1g_00_01.00_14
cpe:2.3:o:tcl:linkhub_mesh_wifi_ac1200:ms1g_00_01.00_14:*:*:*:*:*:*:*
TCL
tcl
>>linkhub_mesh_wifi_ac1200>>-
cpe:2.3:h:tcl:linkhub_mesh_wifi_ac1200:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE-121Secondarytalos-cna@cisco.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-121
Type: Secondary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462talos-cna@cisco.com
Exploit
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1462
Source: talos-cna@cisco.com
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2634Records found
CVE-2022-26009
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:18
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25996
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23918
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:12
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the ethAddr field within the protobuf message to cause a buffer overflow.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23919
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:12
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the name field within the protobuf message to cause a buffer overflow.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23399
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:12
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confsrv set_port_fwd_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-21201
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.12% / 31.39%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:11
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the confers ucloud_add_node_new functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27178
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.35% / 57.22%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:19
Updated-15 Apr, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the confctl_set_wan_cfg functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-284
Improper Access Control
CVE-2022-26342
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:18
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24028
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommonprod.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-26346
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.35% / 57.22%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:18
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-284
Improper Access Control
CVE-2022-24011
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the device_list binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24016
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the mesh_status_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24021
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the online_process binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24005
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the ap_steer binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24027
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommon.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24006
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the arpbrocast binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24025
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24015
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the log_upload binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24009
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the confsrv binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24014
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the logserver binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24018
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the multiWAN binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24008
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the confcli binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24013
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the gpio_ctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24019
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the netctrl binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24026
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the telnet_ate_monitor binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24012
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the fota binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24022
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the pannn binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24017
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the miniupnpd binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24024
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:16
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rtk_ate binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24020
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:15
Updated-15 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the network_check binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24007
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:13
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the cfm binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24010
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.12%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:14
Updated-15 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the cwmpd binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24029
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-0.46% / 63.61%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:17
Updated-15 Apr, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rp-pppoe.so binary.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-22140
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-1.86% / 82.72%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:11
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An os command injection vulnerability exists in the confsrv ucloud_add_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-22144
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.38% / 58.77%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:11
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. During system startup this functionality is always called, leading to a known root password. An attacker does not have to do anything to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-259
Use of Hard-coded Password
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2022-21178
Matching Score-8
Assigner-Talos
ShareView Details
Matching Score-8
Assigner-Talos
CVSS Score-9.6||CRITICAL
EPSS-4.78% / 89.24%
||
7 Day CHG~0.00%
Published-05 Aug, 2022 | 21:11
Updated-15 Apr, 2025 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An os command injection vulnerability exists in the confsrv ucloud_add_new_node functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-TCL
Product-linkhub_mesh_wifi_ac1200LinkHub Mesh Wifi
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-43481
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.38% / 80.02%
||
7 Day CHG~0.00%
Published-27 Dec, 2023 | 00:00
Updated-27 Aug, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component.

Action-Not Available
Vendor-n/aTCL
Product-browser_tv_web_-_browseheren/acom.tcl.browser
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2015-5627
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.35% / 79.85%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 18:45
Updated-06 Aug, 2024 | 06:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet.

Action-Not Available
Vendor-yokogawaYokogawa
Product-field_wireless_device_opc_servercentum_cs_1000_firmwareb\/m9000cscentum_vp_firmwareb\/m9000_vpstardom_opc_serverexaquantumexasmocplant_resource_managerfieldmateversatile_data_server_softwarecentum_vpcentum_vp_entrycentum_cs_3000_entry_firmwareprosafe-rscentum_cs_3000_entryexapilotexaquantum\/batchexaopcprosafe-rs_firmwarescada_software_\(fast\/tools\)centum_cs_3000_firmwarecentum_cs_1000exaplogexarqecentum_cs_3000centum_vp_entry_firmwareb\/m9000cs_firmwareb\/m9000_vp_firmwareExasmocCENTUM VP EntryFAST/TOOLSCENTUM VPExaplogExarqeB/M9000CSExaquantumCENTUM CS 3000CENTUM CS 1000B/M9000 VPExaquantum/BatchFieldMateSTARDOM VDSField Wireless Device OPC ServerExaopcProSafe-RSCENTUM CS 3000 EntryPRMSTARDOM OPC Server for WindowsExapilot
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11225
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.51%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580fsm10055qcs610qcn5550qca8337qdm5579ar9380qdm2307qfs2530qpa8802qln1030pm6125qat3519qcn5124pm8150aipq8078aqtc800hqdm5670qcs2290sa6155qca6335pm7150lqpa8821qcn5064qln1020qdm5671pmc1000hqat3518sd8csa415mwcn3998wcn3950sm4125sd720gipq8076aqca6428qdm5652sd6905gipq8071qpm8870qpm5679qbt2000pm855pqca6420pm6150aipq8065sdr735gwcn3999pm8150bqsm7250qca7500qcs6125ipq6010ipq8068qcs405qca6430qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560sdr865wcd9341smr545qca6431qln5020wcd9371sd750gqca1062qdm3302sa8150pqpm5657pm6350qdm5621qtc800ssd660qdm5650wcn3988qca6438wtr3925sdr052qcn5121smb1390qca9898pm6150lipq4028sd8885gqet4100qpm6585qtc410swcn3991smb1355ipq8072aqln4650qpa8801wgr7640qat5568qet5100sd636ipq8078qca6564auipq8173sdxr25gqcn5164qca9558pm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qln4640qcs410smb1381qcn5024sdr735pm7250wtr4905smb1395pm660lqpa8803smr526wtr5975qca9985wcn3980pmk8003qdm2301qsw8573wsa8815wcn6850wcn3910qca6320qpm6375smb1394qca9984ipq6028ipq8064sd835pmp8074qcn9024pm8009qpa8675sd730sdx55mpm8008qsw8574pmi8998qcn5054pm855lrsw8577ipq8070qca9896sd8655gqcn5502qca9994qca9980qpm5621qpm6582sd670qca9880wcn6855pm8150lqdm5677pm8005sa6145pipq6018qdm2302pmm6155ausdxr1ar8031apq8096auqpm5577wtr2965pm8150qca4024qpm5875sdx55qet5100msa8155pcsra6640pm8350bhssd675qet4101qat3516qpm5658pm855bsmb2351qln1031qcn7606qcm2290qpm5870qcn5500wsa8830sdr051pm660qca9561qcn9070qln5030qpm6325pm4125qbt1500fsm10056qpa5581pmi632pm456csrb31024mdm9650csra6620qpm4621qcn9072qca9992qcs4290pmm855auqet6100sdr660gqpa8686smb1396ipq6000pm7150awcd9370ipq8072pm8350qca6564sdr425qca6426ipq5018qpm5641qcn7605qpm5541qat5516qca9563qdm5620qln1021aqipq8074asmb1380sd662qca9982pm8350bhqca1064pm3003asa8155qat5533qca6595ausm7350qpm6670smb1354ipq5010qca6584auqdm2305qca6310qpm8820qpm4641qpm2630ipq8174pm855qca9990pm8250qcn5052smb1398sdm630qdm4643pmx55qcn9074sdr675qca6421sm6250qdm3301sa8195pqpm5677qat5515qca6694qat3514wcd9326wcd9335qet4200aqqca8081qcn6023ipq8071awcd9385qpm5620pmm8155auqpm4630qca6390wcd9375ar8035aqt1000csr8811apq8064auipq4019pmm8195auqpa8673qdm2310qln4642pm8998pmk7350qca6564asmr546pmx24qet6110qln5040qca9882qca8072qpm8895qpm5670wcn3990qcn9000qtm527qca6595pmk8350qpm8830qcn9012pm8350bqat5522wsa8835msm8996aupm8150cpmr735bsm6250prgr7640auqpa4360qcn5154qpa4361ipq4018qca6574aqca9889pm8350csmr525qca9888ipq8074qpm4640wcn6750pmr525pm7350cqpm4650qtm525sa515mwtr6955qca9886sd855sd8cxsd665ipq8076qca6175asd765qca9887pm640pqcn5021ipq8069qcn5152qat3555sd460qca6391smb1351qpa5461ipq6005qcn9100pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608qln1036aqqtc801sqdm4650qca9531pmd9655qca6574ausd710qcn5122qsw6310qcm6125qpm6621wsa8810qdm2308qat3550pmx50wcn6856qdm5679qcn5022sdr8250sd768gwcn6740qca6696pm8004pm640lpmk8002qca8075qpa2625qcn6024qcn9022sd845sa6150pipq8070asm7250pipq4029pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-32385
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.08% / 86.46%
||
7 Day CHG~0.00%
Published-06 Jul, 2022 | 11:34
Updated-03 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac23_ac2100ac23_ac2100_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-13445
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.22% / 44.36%
||
7 Day CHG~0.00%
Published-20 Nov, 2025 | 02:02
Updated-21 Nov, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC21 SetIpMacBind stack-based overflow

A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing manipulation of the argument list can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac21_firmwareac21AC21
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-14236
Matching Score-4
Assigner-Canon Inc.
ShareView Details
Matching Score-4
Assigner-Canon Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 12.15%
||
7 Day CHG-0.06%
Published-15 Jan, 2026 | 23:39
Updated-26 Jan, 2026 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.

Action-Not Available
Vendor-Canon Inc.
Product-mf451dwmf1643i_iimf452dw_firmwarelbp236dwmf654cdw_firmwaremf453dw_firmwaremf452dwmf656cdw_firmwaremf455dwlbp633cdwlbp632cdwlbp237dw_firmwaremf653cdwmf652cw_firmwaremf455dw_firmwarelbp236dw_firmwaremf1643if_iimf653cdw_firmwarelbp632cdw_firmwaremf656cdwmf1643i_ii_firmwaremf453dwmf451dw_firmwaremf654cdwmf1238_ii_firmwaremf1238_iilbp237dwlbp633cdw_firmwarelbp1238_iimf652cdwlbp1238_ii_firmwaremf1643if_ii_firmwareSatera LBP670C SeriesimageCLASS X LBP1238 IIimageCLASS X MF1643iF IIi-SENSYS LBP230 Seriesi-SENSYS MF550 Series1238Pr IIi-SENSYS LBP630C Seriesi-SENSYS MF450 SeriesSatera MF750C SeriesColor imageCLASS MF650C Seriesi-SENSYS MF650C SeriesimageCLASS X MF1643i IIimageRUNNER 1643i IIColor imageCLASS LBP630C1238iF IIimageCLASS X MF1238 IIimageRUNNER 1643iF II1238i II1238P IIimageCLASS MF450 SeriesimageCLASS LBP230 Series
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-14234
Matching Score-4
Assigner-Canon Inc.
ShareView Details
Matching Score-4
Assigner-Canon Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 12.15%
||
7 Day CHG-0.06%
Published-15 Jan, 2026 | 23:38
Updated-26 Jan, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera LBP670C Series/Satera MF750C Series firmware v06.02 and earlier sold in Japan.Color imageCLASS LBP630C/Color imageCLASS MF650C Series/imageCLASS LBP230 Series/imageCLASS X LBP1238 II/imageCLASS MF450 Series/imageCLASS X MF1238 II/imageCLASS X MF1643i II/imageCLASS X MF1643iF II firmware v06.02 and earlier sold in US.i-SENSYS LBP630C Series/i-SENSYS MF650C Series/i-SENSYS LBP230 Series/1238P II/1238Pr II/i-SENSYS MF450 Series/i-SENSYS MF550 Series/1238i II/1238iF II/imageRUNNER 1643i II/imageRUNNER 1643iF II firmware v06.02 and earlier sold in Europe.

Action-Not Available
Vendor-Canon Inc.
Product-mf451dwmf1643i_iimf452dw_firmwarelbp236dwmf654cdw_firmwaremf453dw_firmwaremf452dwmf656cdw_firmwaremf455dwlbp633cdwlbp632cdwlbp237dw_firmwaremf653cdwmf652cw_firmwaremf455dw_firmwarelbp236dw_firmwaremf1643if_iimf653cdw_firmwarelbp632cdw_firmwaremf656cdwmf1643i_ii_firmwaremf453dwmf451dw_firmwaremf654cdwmf1238_ii_firmwaremf1238_iilbp237dwlbp633cdw_firmwarelbp1238_iimf652cdwlbp1238_ii_firmwaremf1643if_ii_firmwareSatera LBP670C SeriesimageCLASS X LBP1238 IIimageCLASS X MF1643iF IIi-SENSYS LBP230 Seriesi-SENSYS MF550 Series1238Pr IIi-SENSYS LBP630C Seriesi-SENSYS MF450 SeriesSatera MF750C SeriesColor imageCLASS MF650C Seriesi-SENSYS MF650C SeriesimageCLASS X MF1643i IIimageRUNNER 1643i IIColor imageCLASS LBP630C1238iF IIimageCLASS X MF1238 IIimageRUNNER 1643iF II1238i II1238P IIimageCLASS MF450 SeriesimageCLASS LBP230 Series
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21473
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.14% / 34.75%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:06
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WIN SON

Memory corruption while redirecting log file to any file location with any file name.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn9012_firmwareqfw7124_firmwareqca9986ipq6028_firmwareqcn5021_firmwareqca8072ipq5010ipq8070a_firmwareipq9570_firmwarecsr8811_firmwareipq9570qcn6274qcn6412_firmwareqca7500qcn5502_firmwareqca6428_firmwareqca9880_firmwareqcn5550_firmwareqcn5164pmp8074qca9888_firmwareqcn9000_firmwareipq4028ipq8072aipq4018qca9558qfw7114qcn6024qca9531ar9380_firmwareqcn9100qcc710_firmwareipq8078aipq8173pmp8074_firmwareqca8072_firmwareqfw7114_firmwareqca8075_firmwareqcn5122ar8035wcd9340ipq5302qfe1952immersive_home_326qca9531_firmwareipq8072ipq8064qcn5052_firmwareqca8337ipq8076a_firmwareqcn5124_firmwareqca9558_firmwareipq6018_firmwareqca9994_firmwareqcn6100_firmwareqcn6422_firmwareqcn9003qcn9022ipq6010_firmwareqca9886_firmwareqcn6402ipq5332_firmwareqca9889_firmwareipq8068sdx55snapdragon_x75_5g_modem-rfqca8082_firmwareipq5028_firmwareqcn9070_firmwareqca9992qcn9001qcn9074_firmwareqca8084qcn6100ipq8076qca8084_firmwareipq4019_firmwareqcn6102_firmwaresdx55_firmwareipq8174ipq9554_firmwareqcn9002_firmwareqca9988_firmwareqcn6132qcn5152_firmwareqca8075ipq8070_firmwareipq9574_firmwareipq6028qcn6102qcn9074ipq5312_firmwareqcn6432_firmwareqcn5022qcn9000qca8082qca6428immersive_home_214ipq9008qca9990_firmwareipq5302_firmwareqcn5024qcn6402_firmwareqca9898_firmwareqca0000_firmwareqcn9072_firmwareqcn6023_firmwarewcd9380_firmwareimmersive_home_214_firmwareipq9554ipq8078a_firmwareqcn6112snapdragon_x65_5g_modem-rfqca8081qcn9022_firmwareqcn6412ipq4019ipq8072_firmwareqca9984_firmwareipq9574qcf8001qca7500_firmwareqcn9024qcn5124ar8035_firmwareqca8337_firmwareipq4029immersive_home_318_firmwareimmersive_home_316_firmwareimmersive_home_326_firmwareqcn9274qcc710sdx65m_firmwareqcn5022_firmwareqca9898fastconnect_7800_firmwareqca9888qfw7124ipq5332ar9380ipq9008_firmwareqcn5064_firmwareqcn6023qca9980qcn9274_firmwareipq8173_firmwareqca9980_firmwareipq5010_firmwareqcn5154ipq8071a_firmwareqcn6224immersive_home_216ipq8174_firmwareqcf8001_firmwareimmersive_home_316qca8386_firmwareqca9985_firmwareqcn6422qcn6432ipq8074a_firmwareqcn5021ipq8078fastconnect_7800qcn6274_firmwareqcn9003_firmwareipq6000ipq8072a_firmwareqca4024_firmwareqca9563csr8811ipq4029_firmwareipq8065_firmwareipq8076aqca9988qca9992_firmwareqcf8000ipq6010fastconnect_6900qcn6132_firmwareipq8071_firmwareqca9984qca9985qcn5054qca0000qcn5164_firmwareipq8076_firmwareqcn9002qcn5054_firmwareqcn5550qcn9100_firmwareipq5028ipq8070qca9889qca9880qcn6224_firmwareqca8085_firmwareqfe1922_firmwaresnapdragon_x65_5g_modem-rf_firmwareipq8071aqcn6112_firmwareqcn6122_firmwareqcn6024_firmwareqca8386qcf8000_firmwareqcn9070qcn5122_firmwarefastconnect_6900_firmwareqcn5154_firmwarewcd9380qca9986_firmwareqcn5152qfe1952_firmwarewcd9340_firmwareipq8074immersive_home_3210qca9990ipq8064_firmwareqcn5052qcn5064immersive_home_3210_firmwareipq8074aipq5300_firmwareqcn6122ipq6018snapdragon_x75_5g_modem-rf_firmwareqca8085qca9563_firmwareipq5300qca8081_firmwareqca9886ipq6000_firmwareqcn9001_firmwareqcn9024_firmwareqcn5024_firmwareipq8078_firmwareipq4018_firmwareqca4024qca6438_firmwareqfe1922immersive_home_216_firmwareipq8065immersive_home_318qca9994qcn9012ipq4028_firmwareipq8068_firmwareqcn9072ipq8071qca6438qcn5502ipq8070aipq5312ipq8074_firmwaresdx65mSnapdragonqcn5024_firmwareqca6428_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwareipq4028_firmwareqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwarear9380_firmwareqcn9001_firmwareqca9563_firmwareqca9558_firmwareqcn6224_firmwareqca4024_firmwareqcn6122_firmwareipq8065_firmwareqca9880_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareipq9554_firmwareqcn5054_firmwareqca8075_firmwareipq4019_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqcn9003_firmwareqca8072_firmwareqcn9000_firmwareqca9984_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwareqcn6024_firmwareqca8386_firmwareipq6018_firmwareimmersive_home_316_platform_firmwareipq8076_firmwareqcn5502_firmwareqca8084_firmwarepmp8074_firmwareqcn5124_firmwareqfe1952_firmwareqfe1922_firmwareqca9986_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwareqcn6422_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareqcn5550_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwareqca6438_firmwareipq8070_firmwareipq8078a_firmwareqcn6274_firmwareqcn5064_firmwareipq8078_firmwareipq4029_firmwareipq8072_firmwareipq9570_firmwareqcn9070_firmwareqcf8001_firmwarefastconnect_6900_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareipq8074_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca9886_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq8068_firmwareipq6010_firmwareipq9008_firmwareqca9988_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqca9898_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwareqcn5021_firmwareqca9992_firmwareqca9990_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareqca9531_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-13189
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.07% / 21.09%
||
7 Day CHG~0.00%
Published-15 Nov, 2025 | 06:02
Updated-20 Nov, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-816L gena.cgi genacgi_main stack-based overflow

A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-816ldir-816l_firmwareDIR-816L
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-12210
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 36.93%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 03:02
Updated-28 Oct, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda O3 AdvSetLanip GetValue stack-based overflow

A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-o3_firmware1.0.0.10\(2478\)o3O3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-12603
Matching Score-4
Assigner-a0340c66-c385-4f8b-991b-3d05f6fd5220
ShareView Details
Matching Score-4
Assigner-a0340c66-c385-4f8b-991b-3d05f6fd5220
CVSS Score-2.3||LOW
EPSS-0.07% / 20.67%
||
7 Day CHG~0.00%
Published-01 Nov, 2025 | 18:56
Updated-07 Nov, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
/etc/timezone can be Arbitrarily Written

/etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Action-Not Available
Vendor-azure-accessAzure Access Technology
Product-blu-ic2blu-ic4_firmwareblu-ic2_firmwareblu-ic4BLU-IC2BLU-IC4
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32454
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-10||CRITICAL
EPSS-5.00% / 89.48%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:33
Updated-15 Apr, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to remote code execution. An attacker can send a malicious XML payload to trigger this vulnerability.

Action-Not Available
Vendor-goabodeabode systems, inc.
Product-iota_all-in-one_security_kitiota_all-in-one_security_kit_firmwareiota All-In-One Security Kit
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2015-5628
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-7.49% / 91.61%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 18:46
Updated-06 Aug, 2024 | 06:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.

Action-Not Available
Vendor-yokogawaYokogawa
Product-field_wireless_device_opc_servercentum_cs_1000_firmwareb\/m9000cscentum_vp_firmwareb\/m9000_vpstardom_opc_serverexaquantumexasmocplant_resource_managerfieldmateversatile_data_server_softwarecentum_vpcentum_vp_entrycentum_cs_3000_entry_firmwareprosafe-rscentum_cs_3000_entryexapilotexaquantum\/batchexaopcprosafe-rs_firmwarescada_software_\(fast\/tools\)centum_cs_3000_firmwarecentum_cs_1000exaplogexarqecentum_cs_3000centum_vp_entry_firmwareb\/m9000cs_firmwareb\/m9000_vp_firmwareExasmocCENTUM VP EntryFAST/TOOLSCENTUM VPExaplogExarqeB/M9000CSExaquantumCENTUM CS 3000CENTUM CS 1000B/M9000 VPExaquantum/BatchFieldMateSTARDOM VDSField Wireless Device OPC ServerExaopcProSafe-RSCENTUM CS 3000 EntryPRMSTARDOM OPC Server for WindowsExapilot
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-12211
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 36.93%
||
7 Day CHG~0.00%
Published-27 Oct, 2025 | 03:32
Updated-28 Oct, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda O3 setDmzInfo GetValue stack-based overflow

A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-o3_firmware1.0.0.10\(2478\)o3O3
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 52
  • 53
  • Next
Details not found