Vulnerabilities (CVE)

Filtered by CWE-121
Total 2793 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-46546 1 Nextu 2 Fleta Ax1500, Fleta Ax1500 Firmware 2026-06-17 N/A 7.3 HIGH
NEXTU FLETA AX1500 WIFI6 Router v1.0.3 was discovered to contain a stack overflow via the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-46435 1 Tenda 2 W18e, W18e Firmware 2026-06-17 N/A 8.0 HIGH
A stack overflow vulnerability in the Tenda W18E V16.01.0.8(1625) web management portal allows an authenticated remote attacker to cause a denial of service or potentially execute arbitrary code. This vulnerability occurs due to improper input validation when handling user-supplied data in the delFacebookPic function.
CVE-2024-46325 1 Tp-link 2 Wr740n, Wr740n Firmware 2026-06-17 N/A 5.5 MEDIUM
TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url.
CVE-2024-46313 1 Tp-link 2 Wr941nd, Wr941nd Firmware 2026-06-17 N/A 8.0 HIGH
TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm.
CVE-2024-46049 1 Tenda 2 O6, O6 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.
CVE-2024-46047 1 Tenda 2 Fh451, Fh451 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability in the fromDhcpListClient function.
CVE-2024-46046 1 Tenda 2 Fh451, Fh451 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda FH451 v1.0.0.9 has a stack overflow vulnerability located in the RouteStatic function.
CVE-2024-46044 1 Tenda 2 Ch22, Ch22 Firmware 2026-06-17 N/A 9.8 CRITICAL
CH22 V1.0.0.6(468) has a stack overflow vulnerability located in the fromqossetting function.
CVE-2024-45695 1 Dlink 2 Dir-x4860, Dir-x4860 Firmware 2026-06-17 N/A 9.8 CRITICAL
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2024-45694 1 Dlink 4 Dir-x4860, Dir-x4860 Firmware, Dir-x5460 and 1 more 2026-06-17 N/A 9.8 CRITICAL
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2024-45542 1 Qualcomm 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more 2026-06-17 N/A 7.8 HIGH
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
CVE-2024-45415 2026-06-17 N/A 9.8 CRITICAL
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2024-45414 2026-06-17 N/A 9.8 CRITICAL
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checking its length. An unauthenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2024-45413 2026-06-17 N/A 8.1 HIGH
The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in rsa_decrypt function. This function is an API wrapper for LUA to decrypt RSA encrypted ciphertext, the decrypted data is stored on the stack without checking its length. An authenticated attacker can get RCE as root by exploiting this vulnerability.
CVE-2024-45318 1 Sonicwall 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more 2026-06-17 N/A 8.1 HIGH
A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.
CVE-2024-45162 2026-06-17 N/A 9.8 CRITICAL
A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1.0.0P220507 via the password field.
CVE-2024-45158 1 Trustedfirmware 1 Mbed Tls 2026-06-17 N/A 9.8 CRITICAL
An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.)
CVE-2024-45062 1 Openprinting 2 Ippusbxd, Ippusbxd Firmware 2026-06-17 N/A 6.4 MEDIUM
A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB.
CVE-2024-44859 1 Tenda 2 Fh1201, Fh1201 Firmware 2026-06-17 N/A 8.0 HIGH
Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`.
CVE-2024-44674 1 Dlink 2 Covr-2600r, Covr-2600r Firmware 2026-06-17 N/A 5.7 MEDIUM
D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src.