55 matches found
D-Link DIR-X3260 Security Vulnerability
D-Link DIR-X3260 is a Wi-Fi 6 router from China's AUO D-Link. The D-Link DIR-X3260 has a security vulnerability: a command injection remote code execution vulnerability in SetSysEmailSettings AccountName...
D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
CVE-2022-43629
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43629
CVE-2022-43629 affects D-Link DIR-1935 v1.03. The vulnerability is a command-injection in the web management portal’s SetSysEmailSettings handling: a user-supplied string parsed inside a system call is not properly validated, enabling an attacker to execute code with root privileges. Exploitation...
D-Link DIR-1935 Operating System Command Injection Vulnerability
The D-Link DIR-1935 is a wireless router from China-based AUO D-Link. The D-Link DIR-1935 suffers from an operating system command injection vulnerability that originates when parsing sub-elements of the SetSysEmailSettings element, where the process does not properly validate before executing a...
CVE-2022-46568
D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 were discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module...
Stack overflow
D-Link DIR-882 DIR882A1FW130B06, DIR-878 DIR878FW1.30B08 were discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module...
D-Link DIR-882 Buffer Error Vulnerability
The D-Link DIR-882 is a wireless router from China-based AUO D-Link. The D-Link DIR-882 DIR882A1FW130B06 suffers from a buffer error vulnerability: a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module...
CVE-2022-46568
CVE-2022-46568 affects D-Link DIR-882 (DIR882A1_FW130B06) and DIR-878 (DIR_878_FW1.30B08). The root cause is a stack overflow in the SetSysEmailSettings module triggered by the AccountPassword parameter, exposing the devices to potential impact on confidentiality, integrity, and availability via ...
D-Link DIR-1935 SetSysEmailSettings Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
PT-2022-5536 · D Link · D-Link Dir-1935
Name of the Vulnerable Software and Affected Versions: D-Link DIR-1935 version 1.03 Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can b...
Command injection
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a command injection allowing a remote attacker to execute arbitrary code and get a root shell. A command injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...