Lucene search
K

404 matches found

ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.2 views

CVE-2023-50201

D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

8.8CVSS7.7AI score0.00916EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/05/03 3:16 a.m.14 views

CVE-2023-50201

D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

8.8CVSS9.2AI score0.00916EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 3:16 a.m.3 views

CVE-2023-50198

D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exis...

8.8CVSS6.2AI score0.01187EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.30 views

CVE-2023-50217 D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability

D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

8.8CVSS9.3AI score0.00916EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.21 views

CVE-2023-50217 D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability

D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

8.8CVSS8AI score0.00916EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.21 views

CVE-2023-50215 D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS8AI score0.00946EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.17 views

CVE-2023-50216 D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS8AI score0.00916EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.15 views

CVE-2023-50215 D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS9.3AI score0.00946EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:14 a.m.65 views

CVE-2023-50215

CVE-2023-50215 – D-Link G416 : A vulnerability in the HTTP service listening on port 80 on D-Link G416 routers allows remote code execution as root due to improper validation of a user-supplied string before using it in a system call. This enables network-adjacent attackers (no authentication req...

8.8CVSS9.1AI score0.00946EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:14 a.m.70 views

CVE-2023-50216

CVE-2023-50216 affects D-Link G416 routers. A flaw in the HTTP service on port 80 fails to validate a user-supplied string before using it in a system call, allowing network-adjacent attackers to execute code with root privileges (RCE) without authentication. This is described in the ZDI advisory...

8.8CVSS9.1AI score0.00916EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.26 views

CVE-2023-50214 D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS9.3AI score0.00946EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.19 views

CVE-2023-50214 D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS8AI score0.00946EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:14 a.m.65 views

CVE-2023-50213

CVE-2023-50213 affects D-Link G416 routers. The vulnerability is a command-injection flaw in the HTTP service on port 80, arising from inadequate validation of a user-supplied string before it is used to run a system call. This allows network-adjacent attackers to execute arbitrary code with root...

8.8CVSS9.1AI score0.00916EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.14 views

CVE-2023-50213 D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability

D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw...

8.8CVSS8AI score0.00916EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.31 views

CVE-2023-50212 D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability

D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability...

4.3CVSS4.7AI score0.00514EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:14 a.m.62 views

CVE-2023-50212

CVE-2023-50212 describes an information-disclosure flaw in the HTTP service of the D-Link G416 router. The issue stems from improper handling of error conditions in the httpd process listening on TCP/80, allowing network-adjacent attackers to access sensitive information without authentication. T...

6.5CVSS4.4AI score0.00514EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.29 views

CVE-2023-50211 D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this...

8.8CVSS7.8AI score0.00637EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:14 a.m.19 views

CVE-2023-50211 D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this...

8.8CVSS9.2AI score0.00637EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.18 views

CVE-2023-50209 D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific...

8.8CVSS7.8AI score0.00637EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:14 a.m.17 views

CVE-2023-50210 D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this...

8.8CVSS7.8AI score0.00637EPSS
Exploits0References2
Rows per page
Query Builder