Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-3854

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-22 Apr, 2025 | 00:31
Updated At-22 Apr, 2025 | 02:04
Rejected At-
Credits

H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflow

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:22 Apr, 2025 | 00:31
Updated At:22 Apr, 2025 | 02:04
Rejected At:
▼CVE Numbering Authority (CNA)
H3C GR-3000AX HTTP POST Request aspForm Edit_List_SSID buffer overflow

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.

Affected Products
Vendor
New H3C Technologies Co., Ltd.H3C
Product
GR-3000AX
Modules
  • HTTP POST Request Handler
Versions
Affected
  • V100R006
Problem Types
TypeCWE IDDescription
CWECWE-120Buffer Overflow
CWECWE-119Memory Corruption
Type: CWE
CWE ID: CWE-120
Description: Buffer Overflow
Type: CWE
CWE ID: CWE-119
Description: Memory Corruption
Metrics
VersionBase scoreBase severityVector
4.08.6HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.08.0HIGH
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.07.7N/A
AV:A/AC:L/Au:S/C:C/I:C/A:C
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 2.0
Base score: 7.7
Base severity: N/A
Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
BabyShark (VulDB User)
Timeline
EventDate
Advisory disclosed2025-04-21 00:00:00
VulDB entry created2025-04-21 02:00:00
VulDB entry last update2025-04-21 16:12:41
Event: Advisory disclosed
Date: 2025-04-21 00:00:00
Event: VulDB entry created
Date: 2025-04-21 02:00:00
Event: VulDB entry last update
Date: 2025-04-21 16:12:41
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.305778
vdb-entry
technical-description
https://vuldb.com/?ctiid.305778
signature
permissions-required
https://vuldb.com/?submit.556614
third-party-advisory
https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-3000AX/1.md
exploit
https://zhiliao.h3c.com/theme/details/229784
related
https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/
patch
Hyperlink: https://vuldb.com/?id.305778
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.305778
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.556614
Resource:
third-party-advisory
Hyperlink: https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-3000AX/1.md
Resource:
exploit
Hyperlink: https://zhiliao.h3c.com/theme/details/229784
Resource:
related
Hyperlink: https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:22 Apr, 2025 | 01:15
Updated At:23 Apr, 2025 | 14:08

A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of the file /goform/aspForm of the component HTTP POST Request Handler. The manipulation of the argument param leads to buffer overflow. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. Other functions might be affected as well.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.6HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary2.07.7HIGH
AV:A/AC:L/Au:S/C:C/I:C/A:C
Type: Secondary
Version: 4.0
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 2.0
Base score: 7.7
Base severity: HIGH
Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-119Primarycna@vuldb.com
CWE-120Primarycna@vuldb.com
CWE ID: CWE-119
Type: Primary
Source: cna@vuldb.com
CWE ID: CWE-120
Type: Primary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-3000AX/1.mdcna@vuldb.com
N/A
https://vuldb.com/?ctiid.305778cna@vuldb.com
N/A
https://vuldb.com/?id.305778cna@vuldb.com
N/A
https://vuldb.com/?submit.556614cna@vuldb.com
N/A
https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/cna@vuldb.com
N/A
https://zhiliao.h3c.com/theme/details/229784cna@vuldb.com
N/A
Hyperlink: https://github.com/CH13hh/tmp_store_cc/blob/main/H3C%20GR-3000AX/1.md
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?ctiid.305778
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?id.305778
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://vuldb.com/?submit.556614
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://www.h3c.com/cn/Service/Document_Software/Software_Download/Consume_product/
Source: cna@vuldb.com
Resource: N/A
Hyperlink: https://zhiliao.h3c.com/theme/details/229784
Source: cna@vuldb.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

67Records found
CVE-2019-15250
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15249
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15247
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14557
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8||HIGH
EPSS-0.14% / 35.14%
||
7 Day CHG~0.00%
Published-05 Oct, 2020 | 13:45
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i7_9700kfcore_i7_9700core_i5_9600celeron_5205ucore_i5_9400tcore_i5_9400fcore_i3_8350kcore_i5_8400tcore_i3_9100fcore_i3_8300core_i3_9300tcore_i5_9600tcore_i9_9900kcore_i3_9100tcore_i7_9700fceleron_5305ucore_i3_9300core_i5_8600tcore_i5_9600kcore_i7_8086kcore_i5_8500core_i7_1060g7core_i7_8700kcore_i5_8500tcore_i9_9900kfcore_i9_9900tcore_i5_8600core_i5_9500fcore_i3_9320core_i7_8700tcore_i5_8400core_i5_9400celeron_4305uecore_i3_8100tcore_i7_1068ng7core_i9_9900celeron_4305ucore_i7_1060ng7core_i3_8300tcore_i9_9900kscore_i7_9700kcore_i3_9350kfcore_i5_9500celeron_4205ucore_i5_8600kcore_i5_9500tcore_i5_9600kfbioscore_i3_9100core_i7_8700core_i3_8100core_i7_1065g7core_i7_9700tcore_i3_9350kcore_i3_8100fIntel BIOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-15242
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15245
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-15252
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-20 Nov, 2024 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spa112_firmwarespa122_firmwarespa112spa122Cisco SPA112 2-Port Phone Adapter
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-54887
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.08% / 24.79%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 00:00
Updated-20 Jun, 2025 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wr940ntl-wr940n_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-9067
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.18% / 39.61%
||
7 Day CHG~0.00%
Published-02 Apr, 2020 | 20:31
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-smartax_ea5800_firmwaresmartax_ma5600t_firmwaresmartax_ea5800smartax_ma5800smartax_ma5600tsmartax_ma5800_firmwareSmartAX MA5800SmartAX EA5800SmartAX MA5600T
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-5872
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8||HIGH
EPSS-0.08% / 23.54%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-41596
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.07% / 21.72%
||
7 Day CHG~0.00%
Published-03 Oct, 2024 | 00:00
Updated-11 Jun, 2025 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of improper retrieval and handling of the CGI form parameters.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor3910_firmwarevigor2915_firmwarevigor2866vigor2135_firmwarevigor2133vigor3220vigor2832vigor2915vigor2765_firmwarevigor3910vigor2133_firmwarevigor165_firmwarevigorlte200vigor2862vigor2926vigor2952vigor2865vigor2860vigorlte200_firmwarevigor2860_firmwarevigor2952_firmwarevigor2766vigor2766_firmwarevigor2962vigor2620vigor2135vigor2763_firmwarevigor166_firmwarevigor1000bvigor2962_firmwarevigor3912_firmwarevigor166vigor2866_firmwarevigor1000b_firmwarevigor3912vigor2765vigor2925_firmwarevigor2762_firmwarevigor2762vigor2620_firmwarevigor2865_firmwarevigor2832_firmwarevigor2862_firmwarevigor2925vigor3220_firmwarevigor2926_firmwarevigor165vigor2763n/avigor3910_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-41588
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.07% / 22.46%
||
7 Day CHG~0.00%
Published-03 Oct, 2024 | 00:00
Updated-11 Jun, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CGI endpoints v2x00.cgi and cgiwcg.cgi of DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to buffer overflows, by authenticated users, because of missing bounds checking on parameters passed through POST requests to the strncpy function.

Action-Not Available
Vendor-n/aDrayTek Corp.
Product-vigor3910_firmwarevigor2915_firmwarevigor2866vigor2135_firmwarevigor2133vigor3220vigor2832vigor2915vigor2765_firmwarevigor3910vigor2133_firmwarevigor165_firmwarevigorlte200vigor2862vigor2926vigor2952vigor2865vigor2860vigorlte200_firmwarevigor2860_firmwarevigor2952_firmwarevigor2766vigor2766_firmwarevigor2962vigor2620vigor2135vigor2763_firmwarevigor166_firmwarevigor1000bvigor2962_firmwarevigor3912_firmwarevigor166vigor2866_firmwarevigor1000b_firmwarevigor3912vigor2765vigor2925_firmwarevigor2762_firmwarevigor2762vigor2620_firmwarevigor2865_firmwarevigor2832_firmwarevigor2862_firmwarevigor2925vigor3220_firmwarevigor2926_firmwarevigor165vigor2763n/avigor3910_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-9138
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.14% / 33.97%
||
7 Day CHG~0.00%
Published-21 May, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering shell commands that change this router's username and password.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1202f1200_firmwaref1200f1202_firmwarefh1202_firmwaref1202n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-2714
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-8||HIGH
EPSS-0.06% / 17.59%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service (DoS) condition in the affected system.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-fusionsphere_openstackFusionSphere OpenStack
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-3182
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.08% / 24.01%
||
7 Day CHG~0.00%
Published-19 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DCS-5220 devices have a buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-5220_firmwaredcs-5220n/adcs-5220_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-46431
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.02% / 3.33%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 00:00
Updated-25 Mar, 2025 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda W18E V16.01.0.8(1625) is vulnerable to Buffer Overflow. An attacker with access to the web management portal can exploit this vulnerability by sending specially crafted data to the delWewifiPic function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-w18e_firmwarew18en/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-35787
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-0.14% / 34.50%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 23:40
Updated-04 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.36, D7000 before 1.0.1.70, EX6200v2 before 1.0.1.78, EX7000 before 1.0.1.78, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.42, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.40.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-d6000_firmwarer6120r8900_firmwarer6220_firmwarepr2000r6080_firmwareex7000ex6200r6900pex8000r6120_firmwarer6900p_firmwared3600_firmwarer6800r6050pr2000_firmwarer6260_firmwarer6260r7000_firmwarer6220r6020d3600xr500_firmwarer6300_firmwarer6020_firmwarexr500r7000p_firmwared7000ex8000_firmwarer8900r9000_firmwarer6080d7000_firmwarer6700r7000d6000ex6200_firmwarer6900r7000pr9000d6200_firmwarer6900_firmwarer6050_firmwarer7800d6200jr6150jr6150_firmwareex7000_firmwarer6300r7800_firmwarer6700_firmwarer6800_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found