Security Vulnerabilities
A vulnerability was found in Wavlink NU516U1 M16U1_V240425. The impacted element is the function sub_402D1C of the file /cgi-bin/wireless.cgi of the component DeleteMac Page. Performing manipulation of the argument delete_list results in command injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.014
Published
2025-09-25
A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. This affects the function sub_4030C0 of the file /cgi-bin/wireless.cgi of the component Delete_Mac_list Page. Executing manipulation of the argument delete_list can lead to command injection. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
5.5
EPSS Score
0.02
Published
2025-09-25
A flaw has been found in Wavlink NU516U1 M16U1_V240425. Impacted is the function sub_403010 of the file /cgi-bin/wireless.cgi of the component AddMac Page. This manipulation of the argument macAddr causes command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.014
Published
2025-09-25
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-25
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-09-25
An issue was discovered TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.layers.Conv2D.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-25
pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-25
A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-25
pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
CVSS Score
5.3
EPSS Score
0.0
Published
2025-09-25
TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-09-25