CVE-2026-6155: OS Command Injection in Totolink A7100RU This vulnerability affects the Totolink A7100RU router firmware 7.4cu.2313. The setWanCfg function in the CGI handler improperly sanitizes the pppoeServiceName parameter, allowing an attacker to inject arbitrary OS commands remotely. The CV

Totolink A7100RU (fw 7.4cu.2313) hit by CRITICAL OS command injection (CVE-2026-6155). Remote code execution possible — no patch yet. Disable remote mgmt, restrict access, monitor activity. radar.offseq.com/threat/cve-2026-6155-os-... #OffSeq #CVE202...

CVE-2026-5036: Stack-based Buffer Overflow in Tenda 4G06 CVE-2026-5036 identifies a stack-based buffer overflow vulnerability in the Tenda 4G06 router firmware version 04.06.01.29. The vulnerability resides in the fromDhcpListClient function of the /goform/DhcpListClient endpoint, part of the rou

Tenda 4G06 routers (04.06.01.29) face a HIGH severity stack overflow (CVE-2026-5036) — remote code execution possible. Exploit code is public. Isolate & monitor devices, apply updates ASAP. radar.offseq.com/threat/cve-2026-5036-sta... #OffSeq #CVE202...

CVE-2026-26369: Improper Privilege Management in JUNG eNet SMART HOME server CVE-2026-26369 is a critical security vulnerability identified in the JUNG eNet SMART HOME server software versions 2.2.1 and 2.3.1. The root cause is improper privilege management due to insufficient authorization validation within the set

CRITICAL: CVE-2026-26369 in JUNG eNet SMART HOME server (2.2.1/2.3.1) lets users escalate to admin via /jsonrpc/management. Restrict endpoint, monitor changes, and await patch. radar.offseq.com/threat/cve-2026-26369-im... #OffSeq #IoTSecurity #CVE202...

Security threat visualization

Ghost Robotics Vision 60 v0.27.2 has a CRITICAL flaw: remote attackers can take control via Wi-Fi/4G due to missing authentication. Segment networks & monitor traffic now! radar.offseq.com/threat/cve-2025-41108-cw... #OffSeq #RoboticsSecurity #CVE202...