Qi Li

7 exploits Active since Jun 2024
CVE-2024-37661 WRITEUP MEDIUM WRITEUP
TP-LINK TL-7DR5130 1.0.23 - Traffic Hijacking via Forged ICMP Redirect Messages
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.
CVSS 6.3
CVE-2024-37662 WRITEUP MEDIUM WRITEUP
TP-LINK TL-7DR5130 v1.0.23 - TCP Denial of Service or Traffic Hijacking via Forged RST Messages
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.
CVSS 6.3
CVE-2024-37663 WRITEUP MEDIUM WRITEUP
Redmi Router RB03 1.0.57 - Forged ICMP Redirect Traffic Hijacking
Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.
CVSS 4.1
CVE-2024-37664 WRITEUP MEDIUM WRITEUP
Redmi AX6S Firmware - TCP Denial of Service or Traffic Hijacking via Forged RST Messages
Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.
CVSS 5.2
CVE-2024-57412 WRITEUP HIGH WRITEUP
SunOS Omnios v5.11 - Denial of Service via Crafted TCP Packets
An issue in SunOS Omnios v5.11 allows attackers to cause a Denial of Service (DoS) via repeatedly sending crafted TCP packets.
CVSS 7.5
CVE-2025-56233 WRITEUP HIGH WRITEUP
Openindiana kernel SunOS 5.11 - DoS
Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within the current receive window, which violates RFC5961. This flaw allows attackers to send multiple random TCP RST/SYN packets to hit the acceptable range of sequence numbers, thereby interrupting normal connections and causing a denial of service attack.
CVSS 7.5
CVE-2025-56234 WRITEUP HIGH WRITEUP
AT_NA2000 - Denial of Service via TCP RST Packet Sequence Number Spoofing
AT_NA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC AT_NA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within the current receive window, which violates RFC5961. This flaw allows attackers to send multiple random TCP RST packets to hit the acceptable range of sequence numbers, thereby interrupting normal connections and causing a denial-of-service attack.
CVSS 7.5