CVE-2023-3767 OS command injection on EasyPHP Webserver
An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1. This vulnerability could allow an attacker to get full access to the system by sending a specially crafted exploit to the /index.php?zone=settings parameter...
CVE-2023-3767
CVE-2023-3767 affects EasyPHP Webserver v14.1. An OS command injection flaw exists in the /index.php?zone=settings handler that an attacker can exploit to gain full system access. The root cause is improper handling of the settings parameter allowing arbitrary command execution. Documented impact...
PT-2023-26066 · Unknown · Easyphp Webserver
Name of the Vulnerable Software and Affected Versions: EasyPHP Webserver version 14.1 Description: An OS command injection vulnerability has been found in EasyPHP Webserver. This issue could allow an attacker to gain full access to the system by sending a specially crafted exploit to the...
Siemens RUGGEDCOM ROX Use of a Broken or Risky Cryptographic Algorithm (CVE-2023-36749)
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0)...
CVE-2020-19318
Buffer overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers to execute arbitrary code by sending crafted data to the webserver service program...
CVE-2020-19318
CVE-2020-19318 affects D-Link DIR-605L (hardware AX; firmware 1.17beta and below). Root cause is a buffer overflow in the webserver service program, allowing an authenticated attacker to remotely execute arbitrary code by sending crafted data. Remediation, where documented, is to upgrade to a fir...
PT-2023-4971 · D Link · D-Link Dir-605L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L versions 1.17beta and below Description: The issue is related to a buffer overflow in the D-Link DIR-605L router, which can be exploited by sending crafted data to the webserver service program, allowing authorized attackers t...
OpenPLC Webserver 3 Denial Of Service / Buffer Overflow
import requests; import sys; import time; import optparse; import re; parser = optparse.OptionParser(); parser.add_option('-u', '--url', action="store", dest="url", help="Base target uri ex. http://target-uri:8080"); parser.add_option('-l', '--user', action="store", dest="user", help="User credential to login")...
GHSA-P6P2-QQ95-VQ5H Remote Code Execution in Custom Integration Upload
Impact The Fides webserver API allows custom integrations to be uploaded as a ZIP file. This ZIP file must contain YAML files, but Fides can be configured to also accept the inclusion of custom Python code in it. The custom code is executed in a restricted, sandboxed environment, but the sandbox...
PT-2023-5545 · D Link +1 · D-Link Dir-3040 +1
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: The issue exists due to the lack of proper validation of a user-supplied string before copying it to a fixed-length stack-based buffer in the prog.cgi file. This allows a remote...
D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...
D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...