2 matches found
CVE-2018-10747
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'unset ' function and cause memory corruption. Furthermore, it is possible to redirect the flow...
CVE-2018-10747
Affected product: D-Link DSL-3782 EU version 1.01. In the Diagnostics component, the /userfs/bin/tcapi binary accepts an unset parameter. An authenticated user can supply a long buffer to unset and trigger memory corruption, potentially redirecting program flow and enabling arbitrary code execut...