Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations...

D-Link DIR-823X 操作系统命令注入漏洞

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on the parameters ddnsType, ddnsDomainName, ddnsUserName, and ddnsPwd i...

CVE-2024-56836

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

EUVD-2024-55308

A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. During the Dynamic DNS configuration of the affected product it is possible to inject additional configuration parameters. Under certain circumstances, an attacker could leverage this vulnerability to spawn a...

CVE-2024-56836

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

EUVD-2025-175375

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

PT-2025-46881

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware version DIR882A1 FW102B02 Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 4438A4 function within the prog.cgi binary stores user-provided DDNS parameters, ServerAddress...

IPFire 安全漏洞

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from insufficient cleanup and escaping of the SERVICE, LOGIN, and PASSWORD parameters, which could be exploited by...

Tenda AC15 ddnsEn Parameter Stack Buffer Overflow Vulnerability

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 has a stack buffer overflow vulnerability, which originates from the parameter ddnsEn in th...

CVE-2023-7227

SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system DDNS settings that could allow an attacker to execute arbitrary commands with root privileges...

PT-2023-29556 · Netis · Netis N3Mv2

Name of the Vulnerable Software and Affected Versions: Netis N3Mv2 version 1.0.1.865 Description: A command injection issue was discovered via the ddnsDomainName parameter in the Dynamic DNS settings. This allows for potential exploitation. No information is provided about the estimated number of...

Hitron Technologies CHITA Router Firmware 操作系统命令注入漏洞

Hitron Technologies CHITA Router Firmware is a router firmware from Hitron Technologies of China. A security vulnerability exists in the Hitron CHITA 7.2.2.0.3b6-CD firmware version that originates from a command injection in the Device/DDNS ddnsUsername field...

Denial of Service Vulnerability in Peanut Shells Dynamic Domain Name Tool

Peanut Shells is a completely free dynamic domain name resolution service client software. A denial of service vulnerability exists in the Peanut Shells Dynamic Domain Name Tool, which can be exploited by attackers to compromise system availability...

CVE-2017-2854

An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating a rogue...

CVE-2018-17015

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for ddns phddns username...

[Full-disclosure] PeanutHull Local Privilege Escalation Vulnerability

PeanutHull Local Privilege Escalation Vulnerability by Sowhat EN: http://secway.org/advisory/AD20050720EN.txt CN: http://secway.org/advisory/AD20050720CN.txt Product Affected: PeanutHull = 3.0 Beta 5 Overview: Oray Inc. is the world's biggest DDNS Dynamic Domain Name Service Provider According to...