5284 matches found
CVE-2023-41230 D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...
CVE-2023-41230 D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...
CVE-2023-41228
The CVE-2023-41228 case affects D-Link DIR-3040, where the prog.cgi SetUsersSettings handler (HNAP on the lighttpd webserver) contains a stack-based buffer overflow due to improper validation of a user-supplied string. This leads to remote code execution with root privileges for network-adjacent ...
CVE-2023-41226
Summary of CVE-2023-41226 (D-Link DIR-3040): The vulnerability is a stack-based overflow in the prog.cgi binary that handles HNAP requests to the lighttpd webserver (ports 80/443). Lack of proper validation of a user-supplied string allows a network-adjacent attacker to trigger a remote code exec...
CVE-2023-41226 D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41223
D-Link DIR-3040: prog.cgi SetQuickVPNSettings PSK stack-based buffer overflow allows network-adjacent attackers to execute code with root privileges via HNAP requests to lighttpd on ports 80/443. Root cause: improper validation/copy to a fixed-size stack buffer in the PSK handling. Affected versi...
CVE-2023-41221 D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41223 D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41220 D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41219 D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. T...
CVE-2023-41218 D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...
CVE-2023-41218
The CVE-2023-41218 entry details a stack-based buffer overflow in D-Link DIR-3040 Prog.cgi (SetWan3Settings) vulnerable when processing HNAP requests to the lighttpd webserver on ports 80/443. The flaw stems from insufficient validation of a user-supplied string copied into a fixed-size stack buf...
CVE-2023-41218 D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...
CVE-2023-41217
CVE-2023-41217 affects D-Link DIR-3040 routers. The vulnerability resides in the prog.cgi handling of HNAP requests to the lighttpd webserver on ports 80/443, where unsafely copied user input into a fixed-length stack buffer leads to a stack-based buffer overflow . This permits remote code execut...
CVE-2023-41217 D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41216 D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41216 D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...
CVE-2023-41222
The CVE-2023-41222 entry concerns D-Link DIR-3040 routers. A stack-based buffer overflow in prog.cgi (SetWan2Settings) processes HNAP requests to the lighttpd webserver (ports 80/443). The flaw arises from insufficient validation of a user-supplied string copied into a fixed-size stack buffer, en...
[SECURITY] Fedora 39 Update: python-aiohttp-3.9.5-1.fc39
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...
CVE-2023-51631
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerabilit...