s4ndw1ch136

17 exploits Active since Jun 2024
CVE-2024-37631 WRITEUP HIGH WORKING POC
Totolink A3700r Firmware - Stack Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the File parameter in function UploadCustomModule.
CVSS 8.8
CVE-2024-37632 WRITEUP CRITICAL WRITEUP
Totolink A3700r Firmware - Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via the password parameter in function loginAuth.
CVSS 9.8
CVE-2024-37633 WRITEUP HIGH WRITEUP
Totolink A3700r Firmware - Stack Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiGuestCfg.
CVSS 8.8
CVE-2024-37634 WRITEUP CRITICAL WRITEUP
Totolink A3700r Firmware - Stack Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiEasyCfg.
CVSS 9.8
CVE-2024-37635 WRITEUP CRITICAL WRITEUP
Totolink A3700r Firmware - Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg.
CVSS 9.8
CVE-2024-37637 WRITEUP CRITICAL WRITEUP
Totolink A3700r Firmware - Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
CVSS 9.8
CVE-2024-37639 WRITEUP HIGH WRITEUP
Totolink A3700r Firmware - Stack Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
CVSS 8.8
CVE-2024-37640 WRITEUP HIGH WORKING POC
Totolink A3700r Firmware - Stack Buffer Overflow
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
CVSS 8.8
CVE-2024-37641 WRITEUP HIGH WORKING POC
Trendnet Tew-814dap Firmware - Stack Buffer Overflow
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule.
CVSS 8.8
CVE-2024-37642 WRITEUP CRITICAL WORKING POC
Trendnet Tew-814dap Firmware - Command Injection
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping and ipv6_ping parameters at /formSystemCheck.
CVSS 9.1
CVE-2024-37643 WRITEUP HIGH WORKING POC
Trendnet Tew-814dap Firmware - Stack Buffer Overflow
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth.
CVSS 8.8
CVE-2024-37645 WRITEUP HIGH WORKING POC
Trendnet Tew-814dap Firmware - Stack Buffer Overflow
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog.
CVSS 8.8
CVE-2024-38892 WRITEUP MEDIUM WRITEUP
Wavlink WN551K1 - Info Disclosure
An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component.
CVSS 6.5
CVE-2024-38894 WRITEUP MEDIUM WRITEUP
Wavlink Wn551k1 Firmware - Command Injection
WAVLINK WN551K1 was found to contain a command injection vulnerability via the IP parameter of /cgi-bin/touchlist_sync.cgi.
CVSS 5.3
CVE-2024-38895 WRITEUP MEDIUM WORKING POC
WAVLINK WN551K1 - Info Disclosure
WAVLINK WN551K1's live_mfg.shtml enables attackers to obtain sensitive router information.
CVSS 5.3
CVE-2024-38896 WRITEUP MEDIUM WORKING POC
Wavlink Wn551k1 Firmware - Command Injection
WAVLINK WN551K1 was found to contain a command injection vulnerability via the start_hour parameter of /cgi-bin/nightled.cgi.
CVSS 5.3
CVE-2024-38903 WRITEUP MEDIUM WORKING POC
H3C Magic R230 Firmware - Command Injection
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands.
CVSS 4.1