366 matches found
CVE-2018-17065
CVE-2018-17065 affects D-Link DIR-816 A2 (firmware 1.10 B05). The flaw is a stack-based buffer overflow in the /goform/DDNS handler caused by processing very long passwords, which can overwrite the return address. Connected sources corroborate the affected product and vulnerability class. No offi...
CVE-2018-17063
CVE-2018-17063 affects D‑Link DIR-816 A2 firmware 1.10 B05. In the NTPSyncWithHost handler, an HTTP request parameter is used to construct a shell command, enabling command injection via shell metacharacters . A remote attacker could potentially execute arbitrary commands on the device. Public so...
CVE-2018-17066
CVE-2018-17066 affects D-Link DIR-816 A2 with firmware 1.10 B05. The /goform/form2systime.cgi handler builds a command string using the HTTP datetime parameter, allowing command injection via shell metacharacters. Network-accessible in the affected device with no authentication required, and the ...
CVE-2018-17068
An explicit vulnerability entry exists for D-Link DIR-816 A2 with firmware 1.10 B05 (DIR-816) where the HTTP /goform/Diagnosis handler builds a command string using the sendNum parameter, enabling command injection via shell metacharacters. Connected CNVD/CVEs reiterate that this is a command-inj...
PT-2018-3880 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow that can occur when a very long password is sent to the /goform/formLogin endpoint. This can lead to overwriting the return address. The...
PT-2018-3884 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists in the handler function of the "/goform/NTPSyncWithHost" route, where an HTTP request parameter is used in command string construction. This could lead to command injection via...
Stack overflow
Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 CN routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header...
CVE-2018-11013
Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 CN routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header...
CVE-2018-11013
Affected product: D-Link DIR-816 A2 routers running firmware 1.10B05. The vulnerability is a stack-based buffer overflow in the GoAhead websRedirect function that can be triggered by a long HTTP Host header, allowing unauthenticated remote code execution. Multiple sources (CNVD and NVD entries) c...
CVE-2017-7278
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...
CVE-2017-7278
Unspecified vulnerability in ASSA ABLOY APTUS Styra Porttelefonkort 4400 before A2 has unknown impact and attack vectors...
New Relic: Broken Authentication and session management OWASP A2
@honc reported an issue with session expiration. We determined that this report was invalid, and it was self-closed by the researcher. Insufficient Session Expiration vulnerability...
CVE-2009-4549
Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a 1 .m3u or 2 .m3l playlist file...
Stack overflow
Stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a 1 .m3u or 2 .m3l playlist file...
CVE-2009-4549
CVE-2009-4549 : A stack-based buffer overflow in A2 Media Player Pro 2.51 allows remote attackers to execute arbitrary code via a long string in a playlist file (.m3u or .m3l). The vulnerability is triggered during playlist parsing, enabling potential code execution without user interaction. Publ...
A2 Media Player Pro 2.51 (.m3u /m3l) Universal Local BOF Exploit (SEH)
Exploit for unknown platform in category local exploits ====================================================================== A2 Media Player Pro 2.51 .m3u /m3l Universal Local BOF Exploit SEH ====================================================================== !/usr/bin/perl by hack4love A2...
A2 Media Player Pro 2.51 - .m3u .m3l Universal Local Buffer Overflow (SEH)
A2 Media Player Pro 2.51 - .m3u .m3l Universal Local Buffer Overflow SEH !/usr/bin/perl by hack4love [email protected] A2 Media Player ProV2.51.m3u /m3lUniversal Local Buffer Exploit SEH easy this work sooooooooo good Thanks for WwW.Sec-ArT.CoM/cc team and 3asfh.net team AND special THANKS FO...
A2 Media Player Pro 2.51 - '.m3u' / '.m3l' Universal Local Buffer Overflow (SEH)
!/usr/bin/perl by hack4love [email protected] A2 Media Player ProV2.51.m3u /m3lUniversal Local Buffer Exploit SEH easy this work sooooooooo good Thanks for WwW.Sec-ArT.CoM/cc team and 3asfh.net team AND special THANKS FOR His0k4 i respect him so much god with him...
A2 Media Player Pro 2.51 Buffer Overflow
!/usr/bin/perl by hack4love [email protected] A2 Media Player ProV2.51.m3u /m3lUniversal Local Buffer Exploit SEH easy this work sooooooooo good Thanks for WwW.Sec-ArT.CoM/cc team and 3asfh.net team AND special THANKS FOR His0k4 i respect him so much god with him...
CVE-2008-5198
CVE-2008-5198 is an SQL injection vulnerability in Acmlmboard 1.A2, specifically in memberlist.php, where the pow parameter can be exploited to execute arbitrary SQL commands. Multiple sources confirm the affected software (Acmlmboard 1.A2) and the vulnerable parameter without detailing any mitig...