CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

VulnCheck KEV: CVE-2021-27137

DD-WRT router firmware before changeset 45723 contains a stack buffer overflow vulnerability in the UPnP service that allows remote attackers to execute arbitrary code by sending specially crafted M-SEARCH requests with oversized ST:uuid values via UDP port 1900. Attackers can exploit this...

6.4AI score

In wildExploits1References2

Positive Technologies•added 2 days ago•5 views

PT-2026-46055

Name of the Vulnerable Software and Affected Versions DD-WRT UPnP affected versions not specified Description A Gafgyt variant known as C0XMO targets IoT devices by exploiting a flaw in DD-WRT UPnP. This botnet utilizes a standalone Python script to facilitate lateral movement, allowing it to...

5.4AI score

Exploits1References6

CNNVD•added 2026/01/21 12:0 a.m.•0 views

DD-WRT security vulnerabilities

DD-WRT is an open-source alternative firmware based on Linux, developed by DD-WRT. It is suitable for various WLAN routers and embedded systems. Version DD-WRT 45723 contains a security vulnerability, which stems from a buffer overflow in the UPNP network discovery service. This vulnerability cou...

9.8CVSS6.3AI score0.00116EPSS

Exploits0References5

Positive Technologies•added 2026/01/21 12:0 a.m.•1 views

PT-2026-3807

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.4AI score0.00116EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-2756

Malware in sbrugna...

7.5CVSS6.4AI score0.01411EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-6934

Malware in sbrugna...

6.8CVSS6.4AI score0.00552EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2012-6152

Malware in sbrugna...

9.3CVSS8.6AI score0.00653EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-6933

Malware in sbrugna...

6.8CVSS6.4AI score0.04682EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-32132

Malicious code in bioql PyPI...

9.8CVSS5.9AI score0.02515EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:19 p.m.•5 views

CVE-2020-13976

An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it...

8.8CVSS8.1AI score0.00763EPSS

Exploits1

OSV•added 2022/08/05 10:15 p.m.•0 views

CVE-2022-27631

A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability...

9.8CVSS7.3AI score

Exploits0References1

NVD•added 2022/08/05 10:15 p.m.•18 views

CVE-2022-27631

9.8CVSS0.02515EPSS

Exploits1References1

Prion•added 2022/08/05 10:15 p.m.•30 views

Memory corruption

7.5CVSS9.5AI score0.02515EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2022/08/05 9:19 p.m.•7 views

CVE-2022-27631

5.3CVSS9.5AI score0.02515EPSS

Exploits1References1

CVE•added 2022/08/05 9:19 p.m.•107 views

CVE-2022-27631

The CVE-2022-27631 entry describes a memory corruption vulnerability in DD-WRT’s httpd unescape function affecting revisions 32270–48599. The issue stems from assuming two characters follow a '%' and performing an unsafe strcpy without validating the second character, which can read beyond the st...

9.8CVSS9.5AI score0.02515EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/08/05 9:19 p.m.•20 views

CVE-2022-27631

5.3CVSS9.8AI score0.02515EPSS

Exploits1References1

Talos•added 2022/07/27 12:0 a.m.•83 views

DD-WRT httpd unescape memory corruption vulnerability

Summary A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Tested Versions DD-WRT Revision 322...

9.8CVSS7.4AI score0.02515EPSS

Exploits1

Packet Storm•added 2021/03/31 12:0 a.m.•360 views

DD-WRT 45723 Buffer Overflow

Exploit Title: DD-WRT 45723 - UPNP Buffer Overflow PoC Date: 24.03.2021 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://dd-wrt.com/ Software Link: https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/ Version: 45723 or prior Tested on: TP-Link Archer C7...

0.7AI score

Exploits0

Exploit DB•added 2021/03/31 12:0 a.m.•326 views

DD-WRT 45723 - UPNP Buffer Overflow (PoC)

7.4AI score

Exploits0

seebug.org•added 2021/03/30 12:0 a.m.•137 views

DD-WRT 缓冲区溢出漏洞（CVE-2021-27137）

SSD Advisory – DD-WRT UPNP Buffer Overflow March 24, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a vulnerability in DD-WRT allows an unauthenticated attacker to overflow an internal buffer used by UPNP and trigger a code execution vulnerability. Vulnerability Summary...

0.2AI score

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by