Exploit for CVE-2024-24576

CVE-2024-24576 PoC The Command::arg and Command::ar...

CVE-2020-25757

A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may result in arbitrary input being passed to system command APIs, resulting in arbitrary command execution with root privileges. This affects DSR-150, DSR-250, DSR-500, and DSR-1000AC with firmware 3.14 and 3.17...

CVE-2020-25757

CVE-2020-25757 affects D-Link DSR-series VPN routers (DSR-150, DSR-250, DSR-500, DSR-1000AC) running firmware 3.14 and 3.17. The root cause is inadequate input validation and access controls in Lua CGI handlers, allowing user-supplied data to reach system command APIs (os.popen) and enabling arbi...

CVE-2019-11849

A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution...

CVE-2019-11849

A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution...

Stack overflow

A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution...

CVE-2019-11849

ALEOS (embedded M2M) prior to version 4.11.0 contains a stack overflow vulnerability in the AT Command API that can enable code execution. The CNVD-2020-48628 entry confirms the issue in ALEOS and specifies the affected component (AT Command API) and the vulnerable range (before 4.11.0). Practica...