CVE-2021-28840

CVE-2021-28840 targets multiple D-Link DAP access points (DAP-2310, -2330, -2360, -2553, -2660, -2690, -2695, -3320, -3662). The root cause is a NULL pointer dereference in the upload_config function of sbin/httpd: when handling a specific HTTP GET, upload_file is NULL and strncasecmp is called w...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

Stack overflow

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

CVE-2020-10214

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntpsync.cgi with a sufficiently long parameter ntpserver...

TPLINK TLWR740N路由器远程代码执行漏洞(CVE-2017-13772)

INTRODUCTION In October of 2017 we disclosed multiple vulnerabilities in TP-Link’s WR940n router that occurred due to multiple code paths calling strcpy on user controllable unsanitised input CVE-2017-13772 The httpd binary responsible for these vulnerabilities contained patterns of code that...

ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities

ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA,...