28 matches found
EUVD-2020-5411
Malware in sbrugna...
EUVD-2020-5412
Malware in sbrugna...
EUVD-2025-21746
Malicious code in bioql PyPI...
D-Link DSP-W215 安全漏洞
D-Link DSP-W215 is a smart plug product from China AUO D-Link. A security vulnerability exists in the D-Link DSP-W215 version 1.02, which stems from the mycgi.cgi component improperly handling HTTP POST requests, which could lead to a stack buffer overflow and remote code execution...
CVE-2025-34125
An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...
CVE-2025-34125
CVE-2025-34125 describes an unauthenticated command injection in the D-Link DSP-W110A1 cookie handling of the lighttpd web server, affecting firmware 1.05B01. The root cause is processing of specially crafted cookie values that allows remote attackers to execute arbitrary commands on the underlyi...
CVE-2025-34125 D-Link DSP-W110A1 Cookie Command Injection
An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...
CVE-2025-34125 D-Link DSP-W110A1 Cookie Command Injection
An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the...
PT-2025-29887 · D Link +2 · D-Link Dsp-W110A1 +2
Name of the Vulnerable Software and Affected Versions: D-Link DSP-W110A1 version 1.05B01 Description: An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server. This occurs when specially crafted cookie values are processed, allowing remot...
D-Link DSP-W110A1 安全漏洞
The D-Link DSP-W110A1 is a Wi-Fi smart routing device. The D-Link DSP-W110A1 suffers from a command injection vulnerability that stems from incorrectly filtering input parameters, which can be exploited by an attacker to submit a special request and execute arbitrary commands...
CVE-2020-13136
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
Null pointer dereference
UNSUPPORTED WHEN ASSIGNED Null Pointer Dereference vulnerability exists in D-Link DSP-W215 1.10, which could let a remote malicious user cause a denial of servie via usr/bin/lighttpd. It could be triggered by sending an HTTP request without URL in the start line directly to the device. NOTE: The...
PT-2021-18162 · D Link · D-Link Dsp-W215
Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.10 Description: A Null Pointer Dereference issue exists, which could allow a remote malicious user to cause a denial of service via usr/bin/lighttpd. This can be triggered by sending an HTTP request without a URL in...
D-Link DSP-W215 Information Disclosure Vulnerability (CNVD-2020-33174)
The D-Link DSP-W215 is a smart plug product from Taiwan, China-based AUO D-Link. A security vulnerability exists in D-Link DSP-W215 version 1.26b03. An attacker can exploit the vulnerability to cause information disclosure...
CVE-2020-13135
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy...
Information disclosure
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy...
Design/Logic Flaw
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer...
PT-2020-13349 · Squid +1 · Squid Proxy +1
Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue allows information disclosure by intercepting messages on the local network. This can be demonstrated using a Squid Proxy. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...
PT-2020-13350 · D Link · D-Link Dsp-W215
Name of the Vulnerable Software and Affected Versions: D-Link DSP-W215 version 1.26b03 Description: The issue concerns the transmission of an obfuscated hash by the device, which can be intercepted and decoded by a network sniffer. Recommendations: For D-Link DSP-W215 version 1.26b03, consider...
CVE-2025-34125
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/dlinkdspw110cookienoauthexec.rb 2025-10-23 21:13:04+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...