Realtek

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-47856 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An...Show more A stack-based buffer overflow vulnerability exists in the boa set_RadvdPrefixParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.Show less
CVE-2023-47677 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP...Show more A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network request can lead to CSRF. An attacker can send an HTTP request to trigger this vulnerability.Show less
CVE-2023-45742 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker...Show more An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.Show less
CVE-2023-45215 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An a...Show more A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability.Show less
CVE-2023-41251 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can...Show more A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.Show less
CVE-2023-34435 2Level1 Realtek 2Rtl819x Jungle Software Development Kit Wbr 6013 Firmware Nov 4, 2025 Jul 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malic...Show more A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted network packets can lead to arbitrary firmware update. An attacker can provide a malicious file to trigger this vulnerability.Show less
CVE-2022-25480 1Realtek 2Rtsper Rtsuer Mar 25, 2025 Jul 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond t...Show more Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP.Show less
CVE-2022-25479 1Realtek 2Rtsper Rtsuer Nov 21, 2024 Jul 2, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory...Show more Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap.Show less
CVE-2022-25478 1Realtek 2Rtsper Rtsuer Nov 21, 2024 Jul 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PC...Show more Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PCI configuration space of the device.Show less
CVE-2022-25477 1Realtek 2Rtsper Rtsuer Nov 21, 2024 Jul 2, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses...Show more Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR.Show less
CVE-2020-26652 1Realtek 1Rtl8812au Firmware Nov 21, 2024 Aug 22, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.
CVE-2022-40740 1Realtek 2Usdk Xpon Software Development Kit Nov 21, 2024 Jan 3, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system...Show more Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.Show less
CVE-2022-32967 1Realtek 2Rtl8111ep Cg Firmware Rtl8111fp Cg Firmware Nov 21, 2024 Nov 29, 2022 N/A· v4 2.1 LOW· v3 N/A· v2 RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system inform...Show more RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.Show less
CVE-2022-32966 1Realtek 1Rtl8111fp Cg Firmware Nov 21, 2024 Nov 29, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.
CVE-2022-34326 1Realtek 1Rtl8195am Firmware May 21, 2025 Sep 27, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi...Show more In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX task would be locked when there are frequent and continuous Wi-Fi connection (with four-way handshake) failures in Soft AP mode.Show less
CVE-2022-26529 1Realtek 1Bluetooth Mesh Software Development Kit Nov 21, 2024 Aug 30, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vuln...Show more Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.Show less
CVE-2022-26528 1Realtek 1Bluetooth Mesh Software Development Kit Nov 21, 2024 Aug 30, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can ex...Show more Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.Show less
CVE-2022-26527 1Realtek 1Bluetooth Mesh Software Development Kit Nov 21, 2024 Aug 30, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can...Show more Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service.Show less
CVE-2022-25635 1Realtek 1Bluetooth Mesh Software Development Kit Nov 21, 2024 Aug 30, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulner...Show more Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service.Show less
CVE-2022-27255 1Realtek 2Ecos Msdk Firmware Ecos Rsdk Firmware Nov 21, 2024 Aug 1, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP pack...Show more In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.Show less

Previous 123 4 Next