- Affected Firmware: ALFA_CAMPRO-co-2.29
- CVE-ID: CVE-2025-29045
- Root Cause: By analyzing the goahead file in the bin directory, I found that the function APSecurity contains a stack overflow vulnerability.
- Impact: Remote unauthenticated attackers can hijack the program's control flow.
xyqer1
xyqer1
/ ALFA-WiFi-CampPro-APSecurity-newap_text_0.md
Last active
April 17, 2025 09:07
xyqer1
/ ALFA-WiFi-CampPro-GreenAP-GAPSMinute3.md
Last active
April 17, 2025 09:06
- Affected Firmware: ALFA_CAMPRO-co-2.29
- CVE-ID: CVE-2025-29046
- Root Cause: By analyzing the goahead file in the bin directory, I found that the function GreenAP contains a stack overflow vulnerability.
- Impact: Remote unauthenticated attackers can hijack the program's control flow.
xyqer1
/ ALFA-WiFi-CampPro-StorageEditUser-hiddenIndex.md
Last active
April 17, 2025 09:02
xyqer1
/ Netgear-R6100-cgiMain-QUERY_STRING-StackOverflow.md
Last active
April 17, 2025 08:32
- Affected Firmware: V1.0.1.28
- CVE-ID: CVE-2025-29044
- Root Cause: By analyzing the webs file in the bin directory, I found that the function main of cgiMain contains a stack overflow vulnerability.
- Impact: Remote unauthenticated attackers can hijack the program's control flow.
xyqer1
/ Dlink-dir-823x-set_prohibiting-macaddr-CommandInjection.md
Last active
April 17, 2025 08:24
- Affected Firmware: 240802
- CVE-ID: CVE-2025-29042
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x42232c contains a command injection vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
xyqer1
/ Dlink-dir-823x-set_ntp-year-CommandInjection.md
Last active
April 17, 2025 08:20
- Affected Firmware: 240802
- CVE-ID: CVE-2025-29039
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x41dda8 contains a command injection vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
xyqer1
/ Dlink-dir-823x-diag_traceroute-target_addr-CommandInjection.md
Last active
April 17, 2025 08:19
- Affected Firmware: 240802
- CVE-ID: CVE-2025-29043
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x417234 contains a command injection vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
xyqer1
/ Dlink-dir-823x-diag_ping-target_addr-CommandInjection.md
Last active
April 17, 2025 08:17
- Affected Firmware: 240802
- CVE-ID: CVE-2025-29040
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x41737c contains a command injection vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
xyqer1
/ Dlink-dir-823x-diag_nslookup-target_addr-CommandInjection.md
Last active
April 17, 2025 08:15
- Affected Firmware: 240802
- CVE-ID: CVE-2025-29041
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x41710c contains a command injection vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
xyqer1
/ Tenda-AC10-AdvSetMacMtuWan-cloneType2-StackOverflow.md
Last active
April 17, 2025 07:58
- Affected Firmware: US_AC10V4.0si_V16.03.10.20_cn_TDC01
- CVE-ID: CVE-2025-25457
- Root Cause: By analyzing the webs file in the bin directory, I found that the function 0x45C380 contains a stack overflow vulnerability.
- Impact: Remote unauthenticated attackers can execute arbitrary commands as root.
NewerOlder