CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2017-20222 - Telesquare SKT LTE Router SDT-CS3B1 Unauthenticated Remote Reboot

CVE ID: CVE-2017-20222
Published: March 16, 2026, 1:28 a.m. | 1 hour, 2 minutes ago
Description: Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of service by forcing the router to restart.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2017-20223 - Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference

CVE ID: CVE-2017-20223
Published: March 16, 2026, 1:28 a.m. | 1 hour, 2 minutes ago
Description: Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive information and access functionalities without proper access controls.
Severity: 9.8 | CRITICAL
CVE-2017-20224 - Telesquare SKT LTE Router SDT-CS3B1 WebDAV Arbitrary File Upload

CVE ID: CVE-2017-20224
Published: March 16, 2026, 1:28 a.m. | 1 hour, 2 minutes ago
Description: Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files, or manipulate server content for remote code execution or denial of service.
Severity: 9.8 | CRITICAL
CVE-2026-4205 - D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection

CVE ID: CVE-2026-4205
Published: March 16, 2026, 1:32 a.m. | 58 minutes ago
Description: A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_refresh_db/FTP_Server_BlockIP_Add/FTP_Server_BlockIP_Del of the file /cgi-bin/app_mgr.cgi. Such manipulation leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Severity: 0.0 | NA
CVE-2026-4212 - D-Link DNS-1550-04 download_mgr.cgi Downloads_Schedule_Info stack-based overflow

CVE ID: CVE-2026-4212
Published: March 16, 2026, 3:32 a.m. | 3 hours, 1 minute ago
Description: A security vulnerability has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function Downloads_Schedule_Info of the file /cgi-bin/download_mgr.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 0.0 | NA
CVE-2026-4213 - D-Link DNS-1550-04 gui_mgr.cgi cgi_myfavorite_verify stack-based overflow

CVE ID: CVE-2026-4213
Published: March 16, 2026, 4:02 a.m. | 2 hours, 31 minutes ago
Description: A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function cgi_myfavorite_del_user/cgi_myfavorite_verify of the file /cgi-bin/gui_mgr.cgi. Performing a manipulation results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 0.0 | NA
CVE-2026-20988 - Google Settings Intent Injection Vulnerability

CVE ID: CVE-2026-20988
Published: March 16, 2026, 4:31 a.m. | 2 hours, 1 minute ago
Description: Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability.
Severity: 6.8 | MEDIUM
CVE-2026-20989 - Google Chrome Font Settings Signature Verification Bypass

CVE ID: CVE-2026-20989
Published: March 16, 2026, 4:31 a.m. | 2 hours, 1 minute ago
Description: Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.
Severity: 5.1 | MEDIUM
CVE-2026-20990 - Samsung Secure Folder Android Activity Launching Vulnerability

CVE ID: CVE-2026-20990
Published: March 16, 2026, 4:31 a.m. | 2 hours, 1 minute ago
Description: Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.
Severity: 8.4 | HIGH
CVE-2026-20991 - QNAP QTS Privilege Escalation Vulnerability

CVE ID: CVE-2026-20991
Published: March 16, 2026, 4:31 a.m. | 2 hours, 1 minute ago
Description: Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.
Severity: 6.7 | MEDIUM
CVE-2026-20992 - Samsung Settings Background Data Usage Authorization Bypass Vulnerability

CVE ID: CVE-2026-20992
Published: March 16, 2026, 4:31 a.m. | 2 hours, 1 minute ago
Description: Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application.
Severity: 4.8 | MEDIUM
CVE-2026-20993 - Samsung Assistant Component Export Vulnerability

CVE ID: CVE-2026-20993
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information.
Severity: 4.8 | MEDIUM
CVE-2026-20994 - Samsung Account Unauthenticated Token Disclosure

CVE ID: CVE-2026-20994
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: URL redirection in Samsung Account prior to version 15.5.01.1 allows remote attackers to potentially get access token.
Severity: 7.0 | HIGH
CVE-2026-20995 - Smart Switch Unauthenticated Configuration Setting Vulnerability

CVE ID: CVE-2026-20995
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration.
Severity: 5.3 | MEDIUM
CVE-2026-20996 - Smart Switch Cryptographic Algorithm Vulnerability

CVE ID: CVE-2026-20996
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication.
Severity: 7.1 | HIGH
CVE-2026-20997 - Smart Switch Cryptographic Signature Verification Bypass Vulnerability

CVE ID: CVE-2026-20997
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication.
Severity: 5.3 | MEDIUM
CVE-2026-20998 - Belkin Smart Switch Authentication Bypass

CVE ID: CVE-2026-20998
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.
Severity: 7.1 | HIGH
CVE-2026-20999 - Smart Switch Authentication Bypass by Replay Vulnerability

CVE ID: CVE-2026-20999
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.
Severity: 7.1 | HIGH
CVE-2026-21000 - Galaxy Store Privilege Escalation Vulnerability

CVE ID: CVE-2026-21000
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
Severity: 7.0 | HIGH
CVE-2026-21001 - Galaxy Store Path Traversal File Creation Vulnerability

CVE ID: CVE-2026-21001
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
Severity: 5.9 | MEDIUM
CVE-2026-4214 - D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow

CVE ID: CVE-2026-4214
Published: March 16, 2026, 4:32 a.m. | 2 hours, 1 minute ago
Description: A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP_AV_Server_Path_Setting of the file /cgi-bin/app_mgr.cgi. Executing a manipulation can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 0.0 | NA