Aggregator

CVE-2026-9466 | Tiandy Easy7 Integrated Management Platform 7.17.0 API Endpoint updateUserPassword password recovery

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0 and classified as critical. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. This vulnerability is handled as CVE-2026-9466. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9465 | Tiandy Easy7 Integrated Management Platform 7.17.0 GetDBDataEx.jsp strTBName sql injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability has been found in Tiandy Easy7 Integrated Management Platform 7.17.0 and classified as critical. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation of the argument strTBName results in sql injection. This vulnerability is known as CVE-2026-9465. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9464 | YunaiV yudao-cloud 2026.03 Admin API Endpoint create IotDataSinkHttpConfig server-side request forgery

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability, which was classified as critical, was found in YunaiV yudao-cloud 2026.03. This affects the function IotDataSinkHttpConfig of the file /admin-api/iot/data-sink/create of the component Admin API Endpoint. Such manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2026-9464. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9463 | Edimax EW-7438RPn 1.31 /goform/formLicence submit-url stack-based overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability, which was classified as critical, has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based buffer overflow. This vulnerability appears as CVE-2026-9463. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9462 | Edimax EW-7438RPn 1.31 formWpsProxyEnable submit-url stack-based overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as critical was found in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. This vulnerability is reported as CVE-2026-9462. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9461 | Edimax EW-7438RPn 1.31 /goform/formRadius submit-url stack-based overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability classified as critical has been found in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-9461. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9460 | Edimax EW-7438RPn 1.31 /goform/formAccept submit-url stack-based overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability described as critical has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. This vulnerability is registered as CVE-2026-9460. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9459 | Edimax EW-7438RPn 1.31 formConnectionSetting max_Conn/timeOut stack-based overflow

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability marked as critical has been reported in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max_Conn/timeOut results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2026-9459. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-9458 | Totolink A8000RU 7.1cu.643_b20200521 Web Management Interface /cgi-bin/cstecgi.cgi setWanCfg enabled os command injection

VulDB Recent Entries
3 weeks 6 days ago
A vulnerability labeled as critical has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. This vulnerability is listed as CVE-2026-9458. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

Managed ad