Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5411

Malware in sbrugna...

6.5CVSS6.5AI score0.00755EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-5412

Malware in sbrugna...

7.5CVSS7.5AI score0.01205EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-21746

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.03126EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.4 views

D-Link DSP-W215 安全漏洞

D-Link DSP-W215 is a smart plug product from China AUO D-Link. A security vulnerability exists in the D-Link DSP-W215 version 1.02, which stems from the mycgi.cgi component improperly handling HTTP POST requests, which could lead to a stack buffer overflow and remote code execution...

9.8CVSS8.2AI score0.05031EPSS
Exploits1References7
NVD
NVD
added 2025/07/16 10:15 p.m.6 views

CVE-2025-34125

An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...

9.3CVSS0.03126EPSS
Exploits0References4
CVE
CVE
added 2025/07/16 9:9 p.m.20 views

CVE-2025-34125

CVE-2025-34125 describes an unauthenticated command injection in the D-Link DSP-W110A1 cookie handling of the lighttpd web server, affecting firmware 1.05B01. The root cause is processing of specially crafted cookie values that allows remote attackers to execute arbitrary commands on the underlyi...

9.3CVSS8.3AI score0.03126EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/16 9:9 p.m.5 views

CVE-2025-34125 D-Link DSP-W110A1 Cookie Command Injection

An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...

9.3CVSS8.8AI score0.03126EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/16 9:9 p.m.7 views

CVE-2025-34125 D-Link DSP-W110A1 Cookie Command Injection

An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...

9.3CVSS0.03126EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.3 views

PT-2025-29887 · D Link +2 · D-Link Dsp-W110A1 +2

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W110A1 version 1.05B01 Description: An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server. This occurs when specially crafted cookie values are processed, allowing remot...

9.3CVSS8.2AI score0.03126EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.3 views

D-Link DSP-W110A1 安全漏洞

The D-Link DSP-W110A1 is a Wi-Fi smart routing device. The D-Link DSP-W110A1 suffers from a command injection vulnerability that stems from incorrectly filtering input parameters, which can be exploited by an attacker to submit a special request and execute arbitrary commands...

9.3CVSS8AI score0.03126EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.7 views

CVE-2020-13136

D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...

7.5CVSS7.1AI score0.01205EPSS
Exploits0
Prion
Prion
added 2021/08/10 8:15 p.m.12 views

Null pointer dereference

UNSUPPORTED WHEN ASSIGNED Null Pointer Dereference vulnerability exists in D-Link DSP-W215 1.10, which could let a remote malicious user cause a denial of servie via usr/bin/lighttpd. It could be triggered by sending an HTTP request without URL in the start line directly to the device. NOTE: The...

5CVSS7.4AI score0.01127EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.3 views

PT-2021-18162 · D Link · D-Link Dsp-W215

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.10 Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service via usr/bin/lighttpd. This can be triggered by sending an HTTP request without a URL in...

7.5CVSS6.8AI score0.01127EPSS
Exploits0References4
CNVD
CNVD
added 2020/05/19 12:0 a.m.2 views

D-Link DSP-W215 Information Disclosure Vulnerability (CNVD-2020-33174)

The D-Link DSP-W215 is a smart plug product from Taiwan, China-based AUO D-Link. A security vulnerability exists in D-Link DSP-W215 version 1.26b03. An attacker can exploit the vulnerability to cause information disclosure...

6.5CVSS6.6AI score0.00755EPSS
Exploits0References1
OSV
OSV
added 2020/05/18 5:15 p.m.3 views

CVE-2020-13135

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy...

6.5CVSS6.6AI score
Exploits0References1
Prion
Prion
added 2020/05/18 5:15 p.m.13 views

Information disclosure

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy...

3.3CVSS6.2AI score0.00755EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/05/18 5:15 p.m.11 views

Design/Logic Flaw

D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...

5CVSS7.6AI score0.01205EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/05/18 12:0 a.m.5 views

PT-2020-13349 · Squid +1 · Squid Proxy +1

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue allows information disclosure by intercepting messages on the local network. This can be demonstrated using a Squid Proxy. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...

6.5CVSS6.2AI score0.00755EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/05/18 12:0 a.m.6 views

PT-2020-13350 · D Link · D-Link Dsp-W215

Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue concerns the transmission of an obfuscated hash by the device, which can be intercepted and decoded by a network sniffer. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...

7.5CVSS7.5AI score0.01205EPSS
Exploits0References2
Circl
Circl
added 2018/05/29 3:50 p.m.4 views

CVE-2025-34125

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkdspw110cookienoauthexec.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

9.3CVSS5.7AI score0.03126EPSS
Exploits0References1
Rows per page
Query Builder