11 matches found
CVE-2018-10746
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'get ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of t...
Memory corruption
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'get ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of t...
Memory corruption
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'commit ' function and cause memory corruption. Furthermore, it is possible to redirect the flo...
CVE-2018-10747
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'unset ' function and cause memory corruption. Furthermore, it is possible to redirect the flow...
CVE-2018-10749
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'commit ' function and cause memory corruption. Furthermore, it is possible to redirect the flo...
CVE-2018-10748
CVE-2018-10748 affects D-Link DSL-3782 EU 1.01. The issue is a buffer overflow in the Diagnostics component’s /userfs/bin/tcapi binary when a long ‘show’ parameter is passed to show . An authenticated user can cause memory corruption and may execute arbitrary code. Exploitation details beyond thi...
CVE-2018-10747
Affected product: D-Link DSL-3782 EU version 1.01. In the Diagnostics component, the /userfs/bin/tcapi binary accepts an unset parameter. An authenticated user can supply a long buffer to unset and trigger memory corruption, potentially redirecting program flow and enabling arbitrary code execut...
Memory corruption
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'read' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'read ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of...
CVE-2018-10713
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'read' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'read ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of...
PT-2018-3912 · D Link · D-Link Dsl-3782
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 EU version 1.01 Description: An issue in the Diagnostics component of the D-Link DSL-3782 EU device allows an authenticated user to cause memory corruption by passing a long buffer as an 'unset' parameter to the...
PT-2018-3905 · D Link · D-Link Dsl-3782
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 EU version 1.01 Description: An issue in the Diagnostics component of the D-Link DSL-3782 EU device allows an authenticated user to cause memory corruption by passing a long buffer as a read parameter to the /userfs/bin/tcapi...