5284 matches found
CVE-2023-51622
The CVE-2023-51622 affects D-Link DIR-X3260 routers, specifically the prog.cgi handling HNAP requests in the lighttpd webserver on ports 80/443. The flaw is a stack-based buffer overflow due to improper validation of a user-supplied string copied into a fixed-size stack buffer, allowing network-a...
CVE-2023-51622 D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51621 D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51620
The CVE-2023-51620 entry concerns D-Link DIR-X3260 routers, where the flaw is in the prog.cgi handling HNAP requests on the lighttpd webserver. The vulnerability is a stack-based buffer overflow in SetIPv6PppoeSettings, triggered by insufficient validation of a user-supplied string copied into a ...
CVE-2023-51620 D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51619
CVE-2023-51619 affects D-Link DIR-X3260 routers, due to a stack-based overflow in prog.cgi that processes HNAP requests for lighttpd on ports 80/443. The vulnerability arises from improper validation of a user-supplied string copied into a fixed-size stack buffer, allowing a network-adjacent atta...
CVE-2023-51618
CVE-2023-51618 affects D-Link DIR-X3260. The flaw is a stack-based buffer overflow in prog.cgi handling HNAP requests on lighttpd (ports 80/443). It arises from improper validation of a user-supplied string copied into a fixed-length buffer, enabling remote code execution with root privileges. At...
CVE-2023-51618 D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51617
CVE-2023-51617 affects the D-Link DIR-X3260 router, specifically the prog.cgi SetWanSettings handler. The flaw is a stack-based buffer overflow in the lighttpd/HNAP flow where an unchecked user string is copied into a fixed-length stack buffer, enabling code execution with root privileges. Attack...
CVE-2023-51614
The CVE-2023-51614 entry concerns D-Link DIR-X3260 routers. A flaw in the prog.cgi function handling HNAP requests on the lighttpd webserver (ports 80/443) allows a stack-based buffer overflow via an unsafely copied user-supplied string in SetQuickVPNSettings Password, enabling remote code execut...
CVE-2023-51614 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-51613 D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2023-44427 D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44426 D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44425 D-Link DIR-X3260 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44425
The CVE-2023-44425 issue affects D-Link DIR-X3260 routers, specifically the prog.cgi handler for HNAP requests on the lighttpd webserver (ports 80/443). It stems from insufficient validation of a user-supplied string before it is used in a system call, allowing an attacker to execute code with ro...
CVE-2023-44424 D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44422 D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44422 D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability
D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...
CVE-2023-44422
The CVE-2023-44422 entry affects D-Link DIR-X3260 routers. The vulnerability resides in prog.cgi (HNAP handling) served by lighttpd on ports 80/443, where unsafely passed user input is used in a system call, allowing an attacker on the same network to execute code as root. The flaw enables remote...