CVE: CVE-2021-35406 Tested Versions: Prolink PRC2402M 20190909 Product URL(s): https://prolink2u.com/ Description of the vulnerability This vulnerability is present as there are no checks on user input taken by qos.cgi, which is passed to system, allowing an attacker to execute arbitrary code in the context of the root user on affected installations of the Prolink PRC2402M router. No authentication is required to exploit this vulnerability. The router makes POST requests through HTML forms to interact with the cgi scripts....

CVE: CVE-2021-35407 Tested Versions: Prolink PRC2402M 20190909 Product URL(s): https://prolink2u.com/ Description of the vulnerability This vulnerability is present as there are no checks on user input taken by mesh.cgi, which is passed to popen, allowing an attacker to execute arbitrary code in the context of the root user on affected installations of the Prolink PRC2402M router. No authentication is required to exploit this vulnerability. The router makes GET requests to interact with the cgi scripts....

CVE: CVE-2021-35409 Tested Versions: Prolink PRC2402M 20190909 Product URL(s): https://prolink2u.com/ Description of the vulnerability This vulnerability is present as there are no checks on user input taken by nightled.cgi, which is passed to system, allowing an attacker to execute arbitrary code in the context of the root user on affected installations of the Prolink PRC2402M router. No authentication is required to exploit this vulnerability. The router makes GET requests to interact with the cgi scripts....

CVE: CVE-2021-30836 Tested Versions: webkitGTK2.32.0 Product URL(s): https://webkit.org/ Description of the vulnerability In order to show how we can reproduce it, let’s open poc.html in webkitgtk version 2.32.0 within Ubuntu. Alternatively, you may want to use my docker script to build. Source code of build.sh docker build . -t webkit_asan docker run -it --name=webkit2.32.0 webkit_asan /bin/bash Source code of Dockerfile FROM ubuntu:18.04 MAINTAINER mipu94 RUN echo ${WEBKIT_VERSION} ARG DEBIAN_FRONTEND=noninteractive RUN apt-get -y update && \ apt-get install -y wget \ cmake \ bison \ git \ unzip \ xz-utils \ apache2 \ llvm-7 \ clang-7 \ libclang-7-dev \ tzdata \ sed \ ruby WORKDIR /root/ # install ninja RUN wget https://github....

CVE: CVE-2021-35402 Tested Versions: Prolink PRC2402M 20190909 Product URL(s): https://prolink2u.com/ Description of the vulnerability This vulnerability is present as there are no checks on user input taken by live_api.cgi, which is passed to system, allowing an attacker to execute arbitrary code in the context of the root user on affected installations of the Prolink PRC2402M router. No authentication is required to exploit this vulnerability. The router makes GET requests to interact with the cgi scripts....

CVE: CVE-2021-35408 Tested Versions: Prolink PRC2402M 20190909 Product URL(s): https://prolink2u.com/ Description of the vulnerability This vulnerability is present as there are no checks on user input taken by qos.cgi, which is passed to system, allowing an attacker to execute arbitrary code in the context of the root user on affected installations of the Prolink PRC2402M router. No authentication is required to exploit this vulnerability. The router makes POST requests through HTML forms to interact with the cgi scripts....

CVE: CVE-2021-0956 Tested Versions: RQ1A.210205.004 Product URL(s): https://www.android.com/ Description of the vulnerability There is a Out-Of-Bounds Write problem found in libnfc_nci_jni.so, within the NFC endpoints discovering and activation. Specifically, in file packages/apps/Nfc/nci/jni/NfcTag.cpp, function NfcTag::discoverTechnologies (activation), when a new NFC endpoint is actived, its information is append to some arrays. Since there is no bound check when append data, it may result in a Out-of-bounds Write vulnerability....