Lucene search
K

17 matches found

OSV
OSV
added 2022/10/26 7:15 p.m.5 views

CVE-2022-43003

D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function...

9.8CVSS5.8AI score0.01191EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/10/26 12:0 a.m.3 views

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the pskValue parameter of the setSecurity function...

9.8CVSS8.4AI score0.01191EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/26 12:0 a.m.3 views

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the pskValue parameter of the setRepeaterSecurity function...

9.8CVSS8.4AI score0.01191EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/26 12:0 a.m.6 views

D-Link DIR-816 A2 缓冲区错误漏洞

The D-Link DIR-816 A2 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which originates from a stack overflow in the srcip parameter of /goform/form2IPQoSTcAdd...

9.8CVSS8.4AI score0.01191EPSS
Exploits1References3
CVE
CVE
added 2022/10/26 12:0 a.m.67 views

CVE-2022-43001

CVE-2022-43001 affects D-Link DIR-816 A2, version 1.10 B05, with a stack overflow in the setSecurity function’s pskValue parameter. The vulnerability is documented with a high-impact CVSS v3.1 score (9.8, CRITICAL) across network attack vector, no user interaction, and impacts to confidentiality,...

9.8CVSS9.6AI score0.01191EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/10/26 12:0 a.m.69 views

CVE-2022-43002

The CVE-2022-43002 entry concerns a D-Link DIR-816 A2 device with firmware 1.10 B05 (noted in multiple sources). The vulnerability is a stack overflow in the wizardstep54_pskpwd parameter handled by /goform/form2WizardStep54, affecting the network-facing form. CVSS metrics indicate a CRITICAL imp...

9.8CVSS9.6AI score0.01191EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2021/04/15 12:0 a.m.7 views

D-Link DIR-816 Stack Buffer Overflow Vulnerability

The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...

9.8CVSS7.2AI score0.24552EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/17 12:0 a.m.3 views

D-Link DIR-816 Command Injection Vulnerability (CNVD-2019-02398)

D-Link DIR-816 is a home router product from AUO. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which stems from the program's use of the 'datetime' parameter value to construct the 'date -s "%s"' command, which can be exploited by an attacker to this...

10CVSS9.9AI score0.07255EPSS
Exploits1References1
Prion
Prion
added 2018/09/15 9:29 p.m.13 views

Command injection

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter...

10CVSS9.6AI score0.07255EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/09/15 9:29 p.m.12 views

Stack overflow

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address...

10CVSS9.6AI score0.01892EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/15 9:0 p.m.40 views

CVE-2018-17068

An explicit vulnerability entry exists for D-Link DIR-816 A2 with firmware 1.10 B05 (DIR-816) where the HTTP /goform/Diagnosis handler builds a command string using the sendNum parameter, enabling command injection via shell metacharacters. Connected CNVD/CVEs reiterate that this is a command-inj...

10CVSS9.6AI score0.03678EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/15 9:0 p.m.44 views

CVE-2018-17063

CVE-2018-17063 affects D‑Link DIR-816 A2 firmware 1.10 B05. In the NTPSyncWithHost handler, an HTTP request parameter is used to construct a shell command, enabling command injection via shell metacharacters . A remote attacker could potentially execute arbitrary commands on the device. Public so...

10CVSS9.6AI score0.04143EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/15 9:0 p.m.48 views

CVE-2018-17065

CVE-2018-17065 affects D-Link DIR-816 A2 (firmware 1.10 B05). The flaw is a stack-based buffer overflow in the /goform/DDNS handler caused by processing very long passwords, which can overwrite the return address. Connected sources corroborate the affected product and vulnerability class. No offi...

10CVSS9.6AI score0.01892EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.5 views

PT-2018-3882 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow in the handler function of the "/goform/DDNS" route. This overflow can occur when a very long password is used, potentially allowing an...

10CVSS10AI score0.01892EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.5 views

PT-2018-3881 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists in the handler function of the "/goform/form2systime.cgi" route, where an HTTP request parameter is used in command string construction. This could lead to command injection via...

10CVSS9.8AI score0.07255EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.4 views

PT-2018-3883 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists due to the lack of neutralization of special elements used in the command string construction within the handler function of the "/goform/sylogapply" route. This could lead to...

10CVSS9.9AI score0.07381EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.4 views

PT-2018-3880 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow that can occur when a very long password is sent to the /goform/formLogin endpoint. This can lead to overwriting the return address. The...

10CVSS9.8AI score0.01892EPSS
Exploits1References3
Rows per page
Query Builder