Lucene search
+L

8 matches found

NVD
NVD
added 2024/05/03 3:15 a.m.28 views

CVE-2023-44404

D-Link DAP-1325 getvaluefromapp Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS9.1AI score0.0075EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 3:15 a.m.18 views

CVE-2023-41207

D-Link DAP-1325 SetHostIPv6StaticSettings StaticAddress Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit...

8.8CVSS9.1AI score0.00855EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:13 a.m.91 views

CVE-2023-44403

CVE-2023-44403 affects D-Link DAP-1325 routers via the HNAP1 SOAP endpoint, SetWLanRadioSettings channel command handling. The vulnerability arises from insufficient validation of a user-supplied string used in a system call, allowing network-adjacent attackers to execute arbitrary code with root...

8.8CVSS9.1AI score0.01109EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/05/03 2:11 a.m.92 views

CVE-2023-41201

The CVE concerns D-Link DAP-1325 with a command-injection path in the HNAP1 SOAP endpoint. Affected component: SetSetupWizardStatus handling within DAP-1325 devices. Root cause: improper validation of a user-supplied string before it is used to execute a system call, enabling remote code executio...

8.8CVSS9.1AI score0.01187EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:11 a.m.95 views

CVE-2023-41198

CVE-2023-41198 impacts the D-Link DAP-1325 router. The flaw is in the HNAP1 endpoint under the function SetHostIPv6StaticSettings, specifically the StaticDNS1 parameter. Lack of validation of a user-supplied string leads to command injection and remote code execution with root privileges. Attack ...

8.8CVSS9.1AI score0.01187EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:11 a.m.21 views

CVE-2023-41193 D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability

D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

8.8CVSS8AI score0.01187EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:11 a.m.72 views

CVE-2023-41187

CVE-2023-41187 affects D-Link DAP-1325 via HNAP: missing authentication allows network-adjacent attackers to execute arbitrary code with root privileges. The vulnerability stems from unauthenticated access to the HNAP interface. Documented by NVD and ZDI, with no confirmed exploit status or publi...

8.8CVSS9.1AI score0.00826EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/09/07 12:0 a.m.22 views

D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Rows per page
Query Builder