2 matches found
CVE-2018-10749
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'commit ' function and cause memory corruption. Furthermore, it is possible to redirect the flo...
CVE-2018-10749
The CVE refers to D-Link DSL-3782 EU 1.01 with a buffer overflow in the Diagnostics component, via /userfs/bin/tcapi using commit . An authenticated user can trigger memory corruption and potentially execute arbitrary code. Connected sources (e.g., PT-2018-3914) confirm a 1.01 version and remote-...