PT-2025-47046

Name of the Vulnerable Software and Affected Versions D-Link DIR-816L version 2 06 b09 beta Description A stack-based buffer overflow exists in the soapcgi main function of the /soap.cgi file. This issue allows for remote exploitation. The exploit has been publicly disclosed. The affected product...

EUVD-2025-26294

Malicious code in bioql PyPI...

The vulnerability in the script htdocs/webinc/js/adv_parent_ctrl_map.php of the D-Link DIR-860L, DIR-865L, DIR-868L, DIR-880L routers allows a attacker to execute an XSS attack.

The vulnerability in the script htdocs/webinc/js/advparentctrlmap.php of the D-Link DIR-860L, DIR-865L, DIR-868L, and DIR-880L routers exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows an attacker to execute an XSS attack through the...

PT-2024-37934

Name of the Vulnerable Software and Affected Versions soap cgi.pyc affected versions not specified Description The issue allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources by including references to external entities...

D-Link DIR-818LW Rev.A and DIR-860L Rev.B Operating System Command Injection Vulnerability

The D-Link DIR-818LW Rev.A and DIR-860L Rev.B are both wireless router products from AUO D-Link. An operating system command injection vulnerability exists in the soap.cgi service of the cgibin binary in the D-Link DIR-818LW Rev.A version 2.05.B03 and DIR-860L Rev.B version 2.03.B03. A remote...

D-Link - OS-Command Injection via UPnP Interface

D-Link - OS-Command Injection via UPnP Interface Title: OS-Command Injection via UPnP SOAP Interface in multiple D-Link devices Vendor: D-Link Devices: DIR-300 rev B / DIR-600 rev B / DIR-645 / DIR-845 / DIR-865 ============ Vulnerable Firmware Releases: ============ DIR-300 rev B - 2.14b01 DIR-6...