284 matches found
EUVD-2023-48760
Malicious code in bioql PyPI...
CVE-2021-30072
An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication...
CVE-2021-28144
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...
The vulnerability in the `prog.cgi` script of the SetQuickVPNSettings module of the D-Link DIR-853 A1 router’s software allows a hacker to cause a service failure.
The vulnerability in the prog.cgi script of the SetQuickVPNSettings module of the D-Link DIR-853 A1 router operating system is related to buffer overflow during the processing of the PSK parameter. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the `prog.cgi` script of the SetQuickVPNSettings module of the D-Link DIR-853 A1 router’s software allows a hacker to cause a service failure.
The vulnerability in the prog.cgi script of the SetQuickVPNSettings module of the D-Link DIR-853 A1 router operating system is related to buffer overflow during the processing of the Password parameter. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...
The vulnerability of the SetMACFilters2() function in the prog.cgi script of D-Link DIR-878 and DIR-882 router firmware allows a hacker to execute arbitrary commands.
The vulnerability of the SetMACFilters2 function in the prog.cgi script of D-Link DIR-878 and DIR-882 routers exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrar...
PT-2024-7030 · D Link · D-Link Dir-878 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 version FW130B06; D-Link DIR-878 version FW130B08. Description: A command injection issue exists in the SetGuestZoneRouterSettings function due to insufficient neutralization of special elements used in an OS command. This allow...
PT-2024-7081 · D Link · D-Link Dir-878 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version DIR 878 FW130B08; D-Link DIR-882 version DIR 882 FW130B06. Description: The issue exists due to the lack of neutralization of special elements used in the operating system command in the SetVirtualServerSettings function ...
The vulnerability of the prog.cgi file in D-Link DIR-3040 wireless router software allows a hacker to induce a service failure.
The vulnerability of the prog.cgi file in D-Link DIR-3040 wireless router software relates to the lack of proper memory management when processing HTTP cookie values. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
D-Link DIR-2640 Stack Buffer Overflow Remote Code Execution Vulnerability
The D-Link DIR-2640 is a high-power Wi-Fi router manufactured by the Chinese company AUO D-Link, which is mainly used to provide wireless network connectivity. The D-Link DIR-2640 suffers from a stack buffer overflow remote code execution vulnerability that stems from a stack-based buffer overflo...
The vulnerability of the prog.cgi file in D-Link DIR-2640 router firmware allows a hacker to execute arbitrary code in the root context.
The vulnerability of the prog.cgi file in D-Link DIR-2640 router firmware is related to a stack-based buffer overflow. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the root context by sending specially crafted HNAP requests to TCP ports 80 an...
(0Day) D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability
This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi program, which handles HNAP requests made t...
CVE-2024-5293
D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. Authentication is not required to exploit this vulnerability. The...
CVE-2024-5294
D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability...
CVE-2024-5294 D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability
D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability...
CVE-2024-5294
The CVE-2024-5294 entry concerns the D-Link DIR-3040 router. The vulnerable component is prog.cgi (HNAP handler for the lighttpd server on ports 80/443). The root cause is improper memory management when processing HTTP cookie values, causing a memory leak that enables a denial-of-service conditi...
CVE-2023-51622
D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51623
D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...