CVE-2024-54809

The vulnerability concerns NETGEAR WNR854T (North America) with firmware version 1.5.2. A stack-based buffer overflow exists in the parse_st_header function caused by using a request header parameter in strncpy where the copy length is derived from input. By sending a specially crafted packet, an...

CVE-2024-54808

Netgear WNR854T 1.5.2 North America contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution...

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

CVE-2024-54802

The CVE-2024-54802 entry concerns Netgear WNR854T firmware version 1.5.2 (North America). The UPNP service at /usr/sbin/upnp is reported vulnerable to a stack-based buffer overflow via the M-SEARCH Host header. Public descriptions indicate potential to execute arbitrary code or cause a denial of ...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in XStream (CVE-2024-47072)

Summary A vulnerability in XStream that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow in BinaryStreamDriver. By sending a specially crafted binar...

CVE-2025-2837 Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this...

CVE-2025-2621

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function checkdwscookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2021-26105

A stack-based buffer overflow vulnerability CWE-121 in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests...

CVE-2025-2620

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function modgraphauthurihandler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-30472

A flaw was found in Corosync. In affected versions, a stack-based buffer overflow may be triggered via a large UDP packet in configurations where encryption is disabled or if an attacker knows the encryption key. This issue can lead to an application crash or other undefined behavior. Mitigation ...

CVE-2025-2621

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function checkdwscookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-2621

The CVE-2025-2621 entry concerns D-Link DAP-1620 (firmware ~1.03). A stack-based buffer overflow in the check_dws_cookie function under /storage is triggered by manipulating the uid argument; remote exploitation is indicated and public disclosure exists. The affected devices are noted as no longe...

CVE-2025-2621 D-Link DAP-1620 storage check_dws_cookie stack-based overflow

A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function checkdwscookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the...

Exploit for Stack-based Buffer Overflow in Dlink Dap-1620_Firmware

CVE-2025-2620 Proof-of-Concept Exploit Overview This repos...

CVE-2025-2620

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function modgraphauthurihandler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-2620 D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflow

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function modgraphauthurihandler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-2620

CVE-2025-2620 is a stack-based buffer overflow in D-Link DAP-1620 firmware 1.03, within the mod_graph_auth_uri_handler function under /storage. Multiple sources confirm remote exploitation potential and high impact (DoS and possible RCE) on a no-longer-supported device. A PoC exploit repository e...

CVE-2025-2620 D-Link DAP-1620 Authentication storage mod_graph_auth_uri_handler stack-based overflow

A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function modgraphauthurihandler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated...

CVE-2025-2619

CVE-2025-2619 affects D-Link DAP-1620 (firmware 1.03) and targets the check_dws_cookie function in the Cookie Handler’s /storage path. The weakness is a stack-based buffer overflow triggered by improper input length validation, allowing remote exploitation. Multiple sources corroborate critical s...

CVE-2025-2619 D-Link DAP-1620 Cookie storage check_dws_cookie stack-based overflow

A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function checkdwscookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit h...