Lucene search
K

16 matches found

NVD
NVD
added 2026/06/29 9:16 a.m.7 views

CVE-2026-13545

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...

9CVSS0.02706EPSS
Exploits1References6
CVE
CVE
added 2026/06/29 7:0 a.m.12 views

CVE-2026-13545

CVE-2026-13545 affects D-Link DCS-935L 1.10.01. The vulnerability is in the function sub_400E40 of setconf.cgi (POST Parameter Handler); manipulating the UID argument enables an OS command injection. The attack can be launched remotely, and the exploit has been disclosed publicly. CVSS metrics in...

9CVSS7AI score0.02706EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53222

Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description An OS command injection flaw exists in the POST Parameter Handler component. The issue occurs within the sub 400E40 function of the setconf.cgi file. A remote attacker can exploit this by manipulatin...

9CVSS7.6AI score0.02706EPSS
Exploits1References10
NVD
NVD
added 2026/06/13 9:16 p.m.12 views

CVE-2026-12174

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS0.00582EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/13 8:15 p.m.32 views

CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS0.00582EPSS
Exploits0References6
CVE
CVE
added 2026/06/13 8:15 p.m.28 views

CVE-2026-12174

CVE-2026-12174 affects D-Link DCS-935L firmware 1.10.01. The vulnerability is in the HTTP Handler’s function snprintf used by /web/cgi-bin/greece/rhea, allowing format-string manipulation. This can enable a remote attacker to exploit the flaw; public exploits have been disclosed. The available do...

9CVSS7.6AI score0.00582EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/13 8:15 p.m.12 views

CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS7.6AI score0.00582EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.12 views

PT-2026-49083

Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description A format string issue exists in the HTTP Handler component within the file '/web/cgi-bin/greece/rhea'. The problem occurs in the snprintf function when the data argument is manipulated, allowing a...

9CVSS7.3AI score0.00582EPSS
Exploits0References17
BDU FSTEC
BDU FSTEC
added 2026/05/13 12:0 a.m.3 views

The vulnerability of the SetDeviceSettings() function in D-Link DCS-935L wireless HD cameras’ microprogramming software allows a intruder to execute arbitrary code.

The vulnerability of the SetDeviceSettings function in D-Link DCS-935L wireless HD cameras’ microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS7.4AI score0.00997EPSS
Exploits2References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/12 8:20 a.m.8 views

CVE-2026-8260

A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...

9CVSS7.6AI score0.00997EPSS
Exploits2References1
EUVD
EUVD
added 2026/05/11 3:31 a.m.16 views

EUVD-2026-29016

A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...

9CVSS7.6AI score0.00997EPSS
Exploits2References6
NVD
NVD
added 2026/05/11 2:16 a.m.37 views

CVE-2026-8260

A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...

9CVSS0.00997EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2026/05/11 1:15 a.m.9 views

CVE-2026-8260 D-Link DCS-935L HNAP Service hnap_service SetDeviceSettings buffer overflow

A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...

9CVSS7.6AI score0.00997EPSS
Exploits2References5
CNVD
CNVD
added 2025/09/25 12:0 a.m.2 views

D-Link DCS-935L Buffer Overflow Vulnerability

The D-Link DCS-935L is a router from China's AUO D-Link. A buffer overflow vulnerability exists in D-Link DCS-935L version 1.13.01 and earlier, which originates from the parameter HNAPAUTH/SOAPAction in file /HNAP1/ that fails to correctly validate the length and size of the input data, and can b...

9.8CVSS8.1AI score0.00815EPSS
Exploits1References1
NVD
NVD
added 2025/09/22 4:15 a.m.5 views

CVE-2025-10779

A vulnerability was found in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub402280 of the file /HNAP1/. The manipulation of the argument HNAPAUTH/SOAPAction results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and...

9.8CVSS0.00815EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/09/22 3:2 a.m.3 views

CVE-2025-10779 D-Link DCS-935L HNAP1 sub_402280 stack-based overflow

A vulnerability was found in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub402280 of the file /HNAP1/. The manipulation of the argument HNAPAUTH/SOAPAction results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and...

9CVSS6.9AI score0.00815EPSS
Exploits1References7
Rows per page
Query Builder