IdaJea/IOT_vuln_1

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-28219 ↗	Mar 28, 2025Friday, 28 March 2025, 14:15	9.8 CRITICAL	—
Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request.
CVE-2025-28220 ↗	Mar 28, 2025Friday, 28 March 2025, 14:15	7.5 HIGH	—
Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request.
CVE-2025-28221 ↗	Mar 28, 2025Friday, 28 March 2025, 14:15	7.5 HIGH	—
Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request.