Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-44898

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-20 May, 2025 | 00:00
Updated At-21 May, 2025 | 13:31
Rejected At-
Credits

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:20 May, 2025 | 00:00
Updated At:21 May, 2025 | 13:31
Rejected At:
▼CVE Numbering Authority (CNA)

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/
N/A
Hyperlink: https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:20 May, 2025 | 21:15
Updated At:29 May, 2025 | 15:52

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
planet
planet
>>wgs-804hpt_firmware>>1.305b241111
cpe:2.3:o:planet:wgs-804hpt_firmware:1.305b241111:*:*:*:*:*:*:*
planet
planet
>>wgs-804hpt>>2.0
cpe:2.3:h:planet:wgs-804hpt:2.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-121
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/cve@mitre.org
Exploit
Third Party Advisory
Hyperlink: https://lafdrew.github.io/2025/04/18/web-aaa-loginAuthlistEdit-get-authName-StackOverflow/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

642Records found
CVE-2025-44894
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parameter in the web_radiusSrv_dftParam_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44897
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip parameter in the web_tool_upgradeManager_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44887
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in the web_radiusSrv_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44884
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44896
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName parameter in the web_acl_bindEdit_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44883
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in the web_tacplus_serverEdit_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44886
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parameter in the web_acl_mgmt_Rules_Edit_postcontains function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44891
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_v3host_add_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44890
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44888
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name parameter in the web_stp_globalSetting_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44885
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.75%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-29 May, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter in the web_snmpv3_remote_engineId_add_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44893
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 62.34%
||
7 Day CHG~0.00%
Published-20 May, 2025 | 00:00
Updated-16 Dec, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hptwgs-804hpt_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-8450
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-8.6||HIGH
EPSS-1.45% / 80.98%
||
7 Day CHG~0.00%
Published-30 Sep, 2024 | 06:50
Updated-04 Oct, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PLANET Technology switch devices - Hard-coded SNMPv1 read-write community string

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community string to access the SNMPv1 service with read-write privileges.

Action-Not Available
Vendor-planetPLANET Technology
Product-gs-4210-24p2s_firmwaregs-4210-24pl4cgs-4210-24pl4c_firmwaregs-4210-24p2sGS-4210-24P2S hardware 3.0GS-4210-24PL4C hardware 2.0
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2023-33553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 14.16%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 00:00
Updated-07 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie.

Action-Not Available
Vendor-planetn/a
Product-wdrt-1800axwdrt-1800ax_firmwaren/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-287
Improper Authentication
CVE-2020-26097
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 60.12%
||
7 Day CHG~0.00%
Published-18 Nov, 2020 | 17:46
Updated-04 Aug, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. By exposing telnet on the Internet, remote root access on the device is possible. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-planetn/a
Product-nvr-1615nvr-915nvr-915_firmwarenvr-1615_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-8456
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.59% / 81.88%
||
7 Day CHG~0.00%
Published-30 Sep, 2024 | 07:35
Updated-04 Oct, 2024 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PLANET Technology switch devices - Missing Authentication for multiple HTTP routes

Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.

Action-Not Available
Vendor-planetPLANET Technologyplanet_technology_corp
Product-gs-4210-24p2s_firmwaregs-4210-24pl4cgs-4210-24pl4c_firmwaregs-4210-24p2sGS-4210-24P2S hardware 3.0GS-4210-24PL4C hardware 2.0gs-4210-24pl4c_hardware_2.0gs-4210-24pl4c_hardware_3.0
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-54402
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.08% / 22.78%
||
7 Day CHG-0.00%
Published-07 Oct, 2025 | 13:55
Updated-03 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` and `ipaddr` request parameters combined.

Action-Not Available
Vendor-planetPlanet
Product-wgr-500wgr-500_firmwareWGR-500
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-54401
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.08% / 22.78%
||
7 Day CHG-0.00%
Published-07 Oct, 2025 | 13:55
Updated-03 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `submit-url` request parameter.

Action-Not Available
Vendor-planetPlanet
Product-wgr-500wgr-500_firmwareWGR-500
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-54399
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.08% / 22.78%
||
7 Day CHG-0.00%
Published-07 Oct, 2025 | 13:55
Updated-03 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `ipaddr` request parameter for composing the `"ping -c <counts> <ipaddr> 2>&1 > %s &"` string.

Action-Not Available
Vendor-planetPlanet
Product-wgr-500wgr-500_firmwareWGR-500
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-54400
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.08% / 22.78%
||
7 Day CHG-0.00%
Published-07 Oct, 2025 | 13:55
Updated-03 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This buffer overflow is related to the `counts` request parameter for composing the `"ping -c <counts> <ipaddr> 2>&1 > %s &"` string.

Action-Not Available
Vendor-planetPlanet
Product-wgr-500wgr-500_firmwareWGR-500
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44892
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.61%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 00:00
Updated-03 Jun, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in the web_rmon_alarm_post_rmon_alarm function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hpt_firmwarewgs-804hptn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2025-44895
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.28% / 51.61%
||
7 Day CHG~0.00%
Published-21 May, 2025 | 00:00
Updated-03 Jun, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function.

Action-Not Available
Vendor-planetn/a
Product-wgs-804hpt_firmwarewgs-804hptn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-38389
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.47% / 64.64%
||
7 Day CHG~0.00%
Published-18 Oct, 2021 | 12:41
Updated-16 Sep, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advantech WebAccess

Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

Action-Not Available
Vendor-Advantech (Advantech Co., Ltd.)
Product-webaccessWebAccess
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-8836
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.24% / 47.25%
||
7 Day CHG~0.00%
Published-18 May, 2026 | 18:45
Updated-18 May, 2026 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
lwIP snmpv3 USM snmp_msg.c snmp_parse_inbound_frame stack-based overflow

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be initiated remotely. The patch is named 0c957ec03054eb6c8205e9c9d1d05d90ada3898c. It is suggested to install a patch to address this issue.

Action-Not Available
Vendor-n/a
Product-lwIP
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-52275
Matching Score-4
Assigner-VULSec Labs
ShareView Details
Matching Score-4
Assigner-VULSec Labs
CVSS Score-8.3||HIGH
EPSS-0.32% / 55.45%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 10:20
Updated-28 May, 2025 | 14:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service on Tenda AC6V2 Due To Stack Overflow

Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareTenda AC6V2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-6665
Matching Score-4
Assigner-PostgreSQL
ShareView Details
Matching Score-4
Assigner-PostgreSQL
CVSS Score-8.1||HIGH
EPSS-0.02% / 5.67%
||
7 Day CHG+0.01%
Published-09 May, 2026 | 00:43
Updated-14 May, 2026 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PgBouncer buffer overflow in SCRAM

The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat() correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow.

Action-Not Available
Vendor-pgbouncern/a
Product-pgbouncerPgBouncer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-52274
Matching Score-4
Assigner-VULSec Labs
ShareView Details
Matching Score-4
Assigner-VULSec Labs
CVSS Score-8.3||HIGH
EPSS-0.29% / 52.63%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 10:19
Updated-28 May, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service on Tenda AC6V2 Due To Stack Overflow

Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac6ac6_firmwareTenda AC6V2
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-6350
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.3||CRITICAL
EPSS-0.08% / 24.13%
||
7 Day CHG+0.01%
Published-16 Apr, 2026 | 02:30
Updated-19 May, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openfind|MailGates/MailAudit - Stack-based Buffer Overflow

MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

Action-Not Available
Vendor-Openfind
Product-MailAuditMailGates
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-4184
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.27% / 50.76%
||
7 Day CHG~0.00%
Published-15 Mar, 2026 | 17:32
Updated-19 Mar, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-816 goahead form2Wl5BasicSetup.cgi stack-based overflow

A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unknown functionality of the file /goform/form2Wl5BasicSetup.cgi of the component goahead. Performing a manipulation of the argument pskValue results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-816dir-816_firmwareDIR-816
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4254
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.23% / 45.48%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 17:32
Updated-17 Mar, 2026 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC8 HTTP Endpoint SysToolChangePwd doSystemCmd stack-based overflow

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local_2c causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-AC8
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-4183
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.27% / 50.76%
||
7 Day CHG~0.00%
Published-15 Mar, 2026 | 16:32
Updated-19 Mar, 2026 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-816 goahead form2WlanBasicSetup.cgi stack-based overflow

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-816dir-816_firmwareDIR-816
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4213
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.08% / 23.18%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 04:02
Updated-19 Mar, 2026 | 14:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function cgi_myfavorite_del_user/cgi_myfavorite_verify of the file /cgi-bin/gui_mgr.cgi. Performing a manipulation results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

Action-Not Available
Vendor-D-Link Corporation
Product-dns-320lwdns-322l_firmwaredns-1100-4_firmwaredns-345dnr-326_firmwaredns-327ldns-326_firmwarednr-326dns-327l_firmwaredns-321_firmwaredns-322ldns-320_firmwaredns-120dns-321dns-343dns-315l_firmwaredns-315ldns-340ldnr-202ldns-320lw_firmwaredns-325_firmwaredns-1550-04_firmwaredns-120_firmwaredns-320ldns-1200-05dns-726-4_firmwaredns-1200-05_firmwaredns-726-4dns-320l_firmwaredns-1550-04dns-325dns-323_firmwaredns-343_firmwaredns-340l_firmwaredns-323dns-326dnr-202l_firmwaredns-345_firmwaredns-320dns-1100-4DNS-321DNS-323DNS-1550-04DNS-1100-4DNS-327LDNR-202LDNS-320LWDNR-322LDNS-345DNS-320DNS-1200-05DNS-340LDNS-320LDNS-326DNR-326DNS-315LDNS-726-4DNS-325DNS-120DNS-343
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4226
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.14% / 33.26%
||
7 Day CHG~0.00%
Published-16 Mar, 2026 | 07:32
Updated-20 Mar, 2026 | 18:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LB-LINK BL-WR9000 get_virtual_cfg sub_44E8D0 stack-based overflow

A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-lb-linkLB-LINK
Product-bl-wr9000_firmwarebl-wr9000BL-WR9000
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4182
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-9.3||CRITICAL
EPSS-0.27% / 50.76%
||
7 Day CHG~0.00%
Published-15 Mar, 2026 | 16:02
Updated-19 Mar, 2026 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow

A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-D-Link Corporation
Product-dir-816dir-816_firmwareDIR-816
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-42482
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.02%
||
7 Day CHG~0.00%
Published-01 May, 2026 | 00:00
Updated-01 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password candidates of 128 or more characters. The vulnerability is caused by a bounds check that fails to account for the 2x expansion that occurs when password bytes are converted to hexadecimal.

Action-Not Available
Vendor-hashcatn/a
Product-hashcatn/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-52544
Matching Score-4
Assigner-Rapid7, Inc.
ShareView Details
Matching Score-4
Assigner-Rapid7, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 76.57%
||
7 Day CHG~0.00%
Published-03 Dec, 2024 | 17:18
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Lorex 2K Indoor Wi-Fi Security Camera - Stack buffer overflow

An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port 3500). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111.

Action-Not Available
Vendor-Lorexlorextechnology
Product-2K Indoor Wi-Fi Security Cameraw461asc-e_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-35474
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-9.21% / 92.80%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 07:15
Updated-04 Aug, 2024 | 00:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Dynamic stack buffer overflow in cachekey plugin

Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxtraffic_serverApache Traffic Server
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-42854
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.78%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 21:56
Updated-18 May, 2026 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
arduino-esp32: Stack buffer overflow in WebServer multipart boundary parsing leads to remote crash potential RCE

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array (VLA) on the stack whose size is derived from an attacker-controlled HTTP header field (Content-Type: multipart/form-data; boundary=...) without enforcing any length limit. Sending a boundary string longer than ~8000 characters overflows the 8192-byte task stack of the loopTask, causing a crash and potential remote code execution. This vulnerability is fixed in 3.3.8.

Action-Not Available
Vendor-espressifespressif
Product-arduino-esp32arduino-esp32
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-34730
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-26.35% / 96.38%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 19:40
Updated-07 Nov, 2024 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability

A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition. Cisco has not released software updates that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-application_extension_platformrv130_vpn_routerrv130_vpn_router_firmwarerv215w_wireless-n_vpn_routerrv215w_wireless-n_vpn_router_firmwarerv130w_wireless-n_multifunction_vpn_routerrv130w_wireless-n_multifunction_vpn_router_firmwarerv110w_wireless-n_vpn_firewallrv110w_wireless-n_vpn_firewall_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-37539
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-01 May, 2026 | 00:00
Updated-05 May, 2026 | 20:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-50694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.81% / 74.38%
||
7 Day CHG~0.00%
Published-24 Jan, 2025 | 00:00
Updated-29 May, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an MQTT message, the underlying code does not check the bounds of the buffer that is used to store the message. This may lead to a stack-based buffer overflow.

Action-Not Available
Vendor-sungrowpowern/a
Product-winet-swinet-s_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-35004
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-8.8||HIGH
EPSS-8.07% / 92.22%
||
7 Day CHG~0.00%
Published-21 Jan, 2022 | 15:45
Updated-04 Aug, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-14656.

Action-Not Available
Vendor-TP-Link Systems Inc.
Product-tl-wa1201_firmwaretl-wa1201TL-WA1201
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2024-50695
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.13% / 78.54%
||
7 Day CHG~0.00%
Published-24 Jan, 2025 | 00:00
Updated-29 May, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks.

Action-Not Available
Vendor-sungrowpowern/a
Product-winet-swinet-s_firmwaren/a
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-3400
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.7||HIGH
EPSS-0.16% / 36.44%
||
7 Day CHG~0.00%
Published-01 Mar, 2026 | 23:32
Updated-03 Mar, 2026 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tenda AC15 TextEditingConversion stack-based overflow

A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

Action-Not Available
Vendor-Tenda Technology Co., Ltd.
Product-ac15_firmwareac15AC15
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-41089
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.13% / 31.86%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 16:58
Updated-20 May, 2026 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Netlogon Remote Code Execution Vulnerability

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022windows_server_2025windows_server_2019windows_server_2022_23h2windows_server_2016windows_server_2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2022Windows Server 2025 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2025Windows Server 2012Windows Server 2012 R2
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-33447
Matching Score-4
Assigner-Absolute Software
ShareView Details
Matching Score-4
Assigner-Absolute Software
CVSS Score-2.3||LOW
EPSS-0.08% / 23.02%
||
7 Day CHG~0.00%
Published-30 Apr, 2026 | 19:43
Updated-05 May, 2026 | 02:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service.

Action-Not Available
Vendor-Absolute Software Corporation
Product-secure_accessSecure Access
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-32943
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.86% / 75.24%
||
7 Day CHG~0.00%
Published-10 Aug, 2021 | 14:03
Updated-03 Aug, 2024 | 23:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccess\/scadaWebAccess/SCADA
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-32941
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.4||CRITICAL
EPSS-1.55% / 81.62%
||
7 Day CHG~0.00%
Published-23 May, 2022 | 18:51
Updated-16 Apr, 2025 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Annke Network Video Recorder - Stack-based Buffer Overflow

Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).

Action-Not Available
Vendor-annkeAnnke
Product-n48pbb_firmwaren48pbbN48PBB (NVR)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-30871
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.5||CRITICAL
EPSS-0.02% / 6.32%
||
7 Day CHG~0.00%
Published-19 Mar, 2026 | 21:49
Updated-25 Mar, 2026 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parse_question function. The issue is triggered by PTR queries for reverse DNS domains (.in-addr.arpa and .ip6.arpa). DNS packets received on UDP port 5353 are expanded by dn_expand into an 8096-byte global buffer (name_buffer), which is then copied via an unbounded strcpy into a fixed 256-byte stack buffer when handling TYPE_PTR queries. The overflow is possible because dn_expand converts non-printable ASCII bytes (e.g., 0x01) into multi-character octal representations (e.g., \001), significantly inflating the expanded name beyond the stack buffer's capacity. A crafted DNS packet can exploit this expansion behavior to overflow the stack buffer, making the vulnerability reachable through normal multicast DNS packet processing. This issue has been fixed in versions 24.10.6 and 25.12.1.

Action-Not Available
Vendor-OpenWrt
Product-openwrtopenwrt
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-32976
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.39% / 80.53%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-based Buffer Overflow

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.

Action-Not Available
Vendor-Moxa Inc.
Product-nport_iaw5150a-12i\/o_firmwarenport_iaw5250a-6i\/onport_iaw5150a-6i\/o_firmwarenport_iaw5250a-6i\/o_firmwarenport_iaw5150a-6i\/onport_iaw5250a-12i\/onport_iaw5150a-12i\/onport_iaw5250a-12i\/o_firmwareNPort IAW5000A-I/O series firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 12
  • 13
  • Next
Details not found