An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1978
Description The improper neutralization of special elements in the parameter “host” in the CGI program of Zyxel NWA1123ACv3 firmware version
Description The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version 2024.1.0, can be compromised when
Description D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in