Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-55599
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formWlanSetup function via the parameter f_wds_wepKey.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-55602
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formSysCmd function via the submit-url parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-55603
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-55605
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-55606
Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-55611
D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formLanguageChange function via the nextPage parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-22
CVE-2025-51605
An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client-supplied Origin header verbatim into Access-Control-Allow-Origin without any whitelist validation, while also enabling Access-Control-Allow-Credentials: true. This allows any malicious origin to make authenticated cross-origin requests and read sensitive responses.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-08-22
CVE-2025-50674
An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-08-22
CVE-2010-20113
EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the stack, potentially corrupting control flow structures. The vulnerability is exposed through the embedded web server and does not require authentication due to default anonymous access. The issue was resolved in version 1.7.0.12, after which the product was renamed to UplusFtp.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-08-21
CVE-2025-55229
Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved