CVE-2023-41194

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

D-Link DAP-1325 安全漏洞

The D-Link DAP-1325 is a wireless access point/bridge from China's AUO D-Link, which is primarily used to provide wireless network coverage and has a bridging function that can convert a wired network to a wireless network or connect two wireless networks together. A security vulnerability exists...

D-Link DIR-822 安全漏洞

The D-Link DIR-822 is a wireless router from China's AUO D-Link. An access control error vulnerability exists in the D-Link DIR-822+ version V1.0.2, which stems from a login bypass issue in the HNAP1 interface that can be exploited by an attacker to log in to the administrator account using an...

The vulnerability of the prog.cgi component in D-Link DIR-3040 wireless router software allows a hacker to execute arbitrary code.

The vulnerability of the prog.cgi component in D-Link DIR-3040 wireless router software lies in the fact that the output of operations goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted HNAP requests to T...

PT-2023-8298 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

The vulnerability of the HNAP1 protocol implementation in D-Link DIR-2640-US router microsoftware allows a attacker to circumvent security restrictions and execute arbitrary code.

The vulnerability of the HNAP1 protocol implementation in the D-Link DIR-2640-US router microprogramming system is related to insufficient validation of the string entered by the user before it is used to execute system calls when processing the DestNetwork parameter. Exploiting this vulnerabilit...

The vulnerabilities of the DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 allow a hacker to execute arbitrary commands.

The vulnerability of the DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 routers is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary commands using a...

D-Link DIR-878 命令注入漏洞

D-Link DIR-878 is a wireless router from D-Link, a Taiwan-based company in China. The D-Link DIR-878 is vulnerable to an operating system command injection vulnerability, which stems from the inclusion of a command injection vulnerability in a system function. An attacker could exploit the...

D-Link DAP-1860 OS Command Injection Vulnerability

The D-Link DAP-1860 is a WiFi range extender from AUO D-Link of Taiwan, China. An operating system command injection vulnerability exists in the HNAP service in the D-Link DAP-1860 using firmware version 1.04b01 and earlier, where the program fails to properly validate user-submitted characters...

D-Link DIR-818LW Command Injection Vulnerability (CNVD-2019-17124)

The D-Link DIR-818LW is a wireless router from AUO D-Link of Taiwan, China. A command injection vulnerability exists in HNAP1 SetWanSettings in the D-Link DIR-818LW versions 2.05.B03 through 2.06B01 BETA. The vulnerability stems from a network system or product not properly filtering specific...

The vulnerability of Samba software allows a remote attacker to compromise the confidentiality of protected information.

The vulnerability exists in Samba due to the lack of protection against password retrieval for all interfaces. Exploiting this vulnerability allows malicious actors, operating remotely, to gain access to the system by retrieving the password during a ChangePasswordUser2 SAMR or RAP attempt...

Microsoft Remote Administration Protocol Server Name Buffer Overflow - Ver2 (CVE-2012-1853)

A buffer overflow vulnerability has been reported in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Multiple Routers HNAP Insecure Implementation Privilege Escalation

Multiple routers are vulnerable to insecure implementations of the Home Network Administration Protocol HNAP. This vulnerability could allow unauthenticated users to view and configure administrative settings on the router...

Microsoft Windows multiple security vulnerabilities

RDP user-after-free, Remote Administration Protocol multiple security vulnerabilities, Print Spooler Service format string vulnerability, user-after-free in win32k.sys...

CVE-2012-1850

The Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote...

CVE-2012-1852

Heap-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow...

CVE-2012-1853

Stack-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability."...

Stack overflow

Stack-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability."...

Denial of service

The Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote...

Heap overflow

Heap-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow...