VYPR

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

ClassStableLikelihood: High

Description

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-10 · CAPEC-100 · CAPEC-123 · CAPEC-14 · CAPEC-24 · CAPEC-42 · CAPEC-44 · CAPEC-45 · CAPEC-46 · CAPEC-47 · CAPEC-8 · CAPEC-9

CVEs mapped to this weakness (10,979)

page 67 of 549
  • CVE-2026-9461HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been…

  • CVE-2026-9460HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit…

  • CVE-2026-9459HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max_Conn/timeOut results in stack-based buffer overflow. It is possible to initiate…

  • CVE-2026-9443HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack…

  • CVE-2026-9442HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be…

  • CVE-2026-9431HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was identified in Tenda F1202 1.2.0.20(408). This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd. The manipulation of the argument opttype leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly…

  • CVE-2026-9430HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dips can lead to stack-based buffer overflow. It is possible to launch the attack…

  • CVE-2026-9429HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno results in stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2026-9428HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has…

  • CVE-2026-9427HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried…

  • CVE-2026-9426HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url results in…

  • CVE-2026-9425HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.00

    A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pTxPower3/e2pTxPowe…

  • CVE-2026-9403HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be…

  • CVE-2026-9401HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated…

  • CVE-2026-9399HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. It is possible to…

  • CVE-2026-9393HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. The attack may be initiated remotely. The exploit has been made public…

  • CVE-2026-9389HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may…

  • CVE-2026-9382HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation of the argument pptpUserName can lead to buffer overflow. The attack may be…

  • CVE-2026-9381HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. The…

  • CVE-2026-9380HigMay 24, 2026
    risk 0.57cvss 8.8epss 0.00

    A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to buffer overflow. The attack can be…