CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability

...

CVE-2026-0404 Insufficient input validation in NETGEAR Orbi routers

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...

CVE-2025-69542

A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...

CVE-2024-56835

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...

Linux Distros Unpatched Vulnerability : CVE-2019-10052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this...

Linux Distros Unpatched Vulnerability : CVE-2019-14834

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service memory consumption via...

The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the DHCP server service for Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

DHCP Server 安全漏洞

Open DHCP Server is an open source software from an individual developer that provides DHCP services. A security vulnerability exists in DHCP Server ec976d2 and prior versions, which stems from the presence of a NULL pointer dereference that allows remote attackers to cause a denial of service by...

The vulnerability of the Cisco IOS XR operating system’s DHCP server (DHCPv4) allows a attacker to cause a failure in the dhcpd process.

The vulnerability of the Cisco IOS XR operating system’s DHCP server DHCPv4 is related to the assignment of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause a failure in the dhcpd process by using a specially created DHCPv4 message...

AZL-38455 CVE-2023-45229 affecting package edk2 for versions less than 20240223gitedc6681206c1-1

EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

CVE-2023-24510

On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart...

ARRIS TR3300 命令注入漏洞

ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS U.S.A. A command injection vulnerability exists in ARRIS TR3300, which stems from the failure of the hostname parameter in the dhcp function to properly filter the construct command special characters, commands, etc. An attacker could use this...

VulnCheck KEV: CVE-2017-12240

The Dynamic Host Configuration Protocol DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system...

dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient

A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storage. This flaw...

CVE-2020-3509

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service DoS condition. The vulnerability is due to insufficient erro...

The vulnerability of the DHCP server dhcpd and the DNS server BIND, related to resource release errors, allows a perpetrator to cause service failure.

The vulnerability of the DHCP server dhcpd and the DNS server BIND is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2019-13939

A vulnerability has been identified in APOGEE MEC/MBC/PXC P2 All versions = V2.8.2 = V2.8.2 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3x and = V2.3 V6.0.327, Nucleus NET All versions, Nucleus ReadyStart V3 All versions V2017.02.3, Nucleus Source...

CVE-2019-0063

When an MX Series Broadband Remote Access Server BRAS is configured as a Broadband Network Gateway BNG with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but continuous...

CVE-2019-12264

Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component...

The vulnerability of Siemens’ network equipment’s microprogramming software, related to privilege errors and access control mechanisms, allows a perpetrator to execute arbitrary code.

The vulnerability of Siemens network equipment’s microprogramming software is related to privilege errors and access control mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted DHCP response to the client...