VARIoT IoT vulnerabilities database

TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. TOTOLINK EX1800T is a Wi-Fi range extender from China's TOTOLINK Electronics. The vulnerability is caused by the tz parameter of the setNtpCfg interface of cstecgi.cgi failing to properly filter special characters and commands in the constructed command. An attacker can exploit this vulnerability to execute arbitrary commands on the system

TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. TOTOLINK EX1800T is a Wi-Fi range extender from China's Zeon Electronics (TOTOLINK) company. TOTOLINK EX1800T v9.1.0cu.2112_B20220316 version has a command execution vulnerability. The vulnerability stems from the failure of the host_time parameter of the NTPSyncWithHost interface of cstecgi.cgi to correctly filter special characters, commands, etc. in the constructed command

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function. Tenda i29 is a wireless router made by China Tenda Company. This vulnerability is caused by the rebootTime parameter of the sysScheduleRebootSet method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function. Tenda i29 is a wireless router made by China Tenda Company. This vulnerability is caused by the failure of the pingSet method to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function. Tenda i29 is a wireless router made by China Tenda Company. Tenda i29 has a buffer overflow vulnerability. This vulnerability is caused by the bandwidth parameter of the wifiRadioSetIndoor method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function. Tenda i29 is a wireless router from the Chinese company Tenda. Tenda i29 has a buffer overflow vulnerability. This vulnerability is caused by the time parameter of the sysTimeInfoSet method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function. Tenda i29 is a wireless router from the Chinese company Tenda. Tenda i29 has a buffer overflow vulnerability. This vulnerability is caused by the time parameter of the sysLogin method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function. Tenda i29 is a wireless router made by China Tenda Company. This vulnerability is caused by the lanGw parameter of the lanCfgSet method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function. Tenda i29 is a wireless router from the Chinese company Tenda. Tenda i29 has a buffer overflow vulnerability. This vulnerability is caused by the ip parameter of the spdtstConfigAndStart method failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function. Tenda i29 is a wireless router made by China Tenda Company. The vulnerability is caused by the failure of the sysScheduleRebootSet method to correctly filter special characters, commands, etc. in the constructed command. An attacker could exploit this vulnerability to cause arbitrary command execution

D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21810. D-Link Systems, Inc. of G416 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI intelligent optimization, and 4G LTE Cat 6 network, with a maximum speed of 300Mbps

D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21663. D-Link Systems, Inc. of G416 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is the AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to gain access to critical functions on the device. Was ZDI-CAN-21287. D-Link Systems, Inc. of G416 Firmware has a lack of authentication vulnerability for critical functionality.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is the AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps

D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21808. D-Link Systems, Inc. of G416 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21809. D-Link Systems, Inc. of G416 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI intelligent optimization, and 4G LTE Cat 6 network, with a maximum speed of 300Mbps. The D-Link G416 suffers from a command injection vulnerability

D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper handling of error conditions. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-21664. D-Link Systems, Inc. The D-Link G416 is a 4G+ smart router from D-Link, launched in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps

D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21811. D-Link Systems, Inc. of G416 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI intelligent optimization, and 4G LTE Cat 6 network, with a maximum speed of 300Mbps

D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21441. D-Link Systems, Inc. of G416 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI intelligent optimization, and 4G LTE Cat 6 network, with a maximum speed of 300Mbps

D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21662. D-Link Systems, Inc. of G416 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps. The D-Link G416 suffers from a buffer overflow vulnerability

D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21442. D-Link Systems, Inc. of G416 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link G416 is a AX1500 4G+ smart router launched by D-Link in June 2025. It supports Wi-Fi 6, AI-powered optimization, and 4G LTE Cat 6 network, offering speeds up to 300Mbps