Lucene search
+L

29 matches found

CVE
CVE
added 2018/09/15 9:0 p.m.46 views

CVE-2018-17063

CVE-2018-17063 affects D‑Link DIR-816 A2 firmware 1.10 B05. In the NTPSyncWithHost handler, an HTTP request parameter is used to construct a shell command, enabling command injection via shell metacharacters . A remote attacker could potentially execute arbitrary commands on the device. Public so...

10CVSS9.6AI score0.04143EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/09/15 9:0 p.m.42 views

CVE-2018-17068

An explicit vulnerability entry exists for D-Link DIR-816 A2 with firmware 1.10 B05 (DIR-816) where the HTTP /goform/Diagnosis handler builds a command string using the sendNum parameter, enabling command injection via shell metacharacters. Connected CNVD/CVEs reiterate that this is a command-inj...

10CVSS9.6AI score0.03678EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.5 views

PT-2018-3882 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow in the handler function of the "/goform/DDNS" route. This overflow can occur when a very long password is used, potentially allowing an...

10CVSS10AI score0.01892EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.5 views

PT-2018-3883 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists due to the lack of neutralization of special elements used in the command string construction within the handler function of the "/goform/sylogapply" route. This could lead to...

10CVSS9.9AI score0.07381EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.5 views

PT-2018-3880 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: The issue is related to a stack-based buffer overflow that can occur when a very long password is sent to the /goform/formLogin endpoint. This can lead to overwriting the return address. The...

10CVSS9.8AI score0.01892EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2018/09/15 12:0 a.m.6 views

PT-2018-3881 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists in the handler function of the "/goform/form2systime.cgi" route, where an HTTP request parameter is used in command string construction. This could lead to command injection via...

10CVSS9.8AI score0.07255EPSS
Exploits1References3
OSV
OSV
added 2017/12/16 2:29 a.m.4 views

CVE-2017-3193

Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service...

8.8CVSS6.2AI score0.05613EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2017/12/15 12:0 a.m.5 views

PT-2017-15703 · D Link · Dir-850L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L firmware versions 1.14B07 and 2.07.B05 Description: A stack-based buffer overflow issue exists in the web administration interface HNAP service of the affected devices. Recommendations: For firmware version 1.14B07, update to ...

8.8CVSS9.2AI score0.05613EPSS
Exploits1References6
CNVD
CNVD
added 2017/03/11 12:0 a.m.4 views

Stack Buffer Overflow Vulnerability in Multiple D-Link Products

The D-Link DIR-850L is a wireless router from AUO D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-850L using firmware versions 1.14B07 and 2.07.B05. An attacker can exploit this vulnerability to execute arbitrary code in the context of the affected device, resulting in a...

8.8CVSS8.1AI score0.05613EPSS
Exploits1References1
Rows per page
Query Builder