16 matches found
D-Link DWR-M960 formDdns File Buffer Overflow Vulnerability
The D-Link DWR-M960 is a router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DWR-M960 formDdns file. The vulnerability stems from a misbehavior of the function sub4648F0 in the file /boafrm/formDdns in the DDNS Settings Handler component with respect to the...
CVE-2026-2855
A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...
CVE-2026-2855 D-Link DWR-M960 DDNS Settings formDdns sub_4648F0 stack-based overflow
A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...
CVE-2026-2855
A vulnerability has been found in D-Link DWR-M960 1.01.07. Affected is the function sub4648F0 of the file /boafrm/formDdns of the component DDNS Settings Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...
D-Link DWR-M960 安全漏洞
The D-Link DWR-M960 is a router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DWR-M960 formDdns file. The vulnerability stems from a misbehavior of the function sub4648F0 in the file /boafrm/formDdns in the DDNS Settings Handler component with respect to the...
EUVD-2023-59408
Malicious code in bioql PyPI...
CVE-2023-7227 Command Injection vulnerability in SystemK NVR 504/508/516
SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system DDNS settings that could allow an attacker to execute arbitrary commands with root privileges...
CVE-2021-40408
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...
CVE-2021-40408
An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...
Reolink RLC-410W device network settings OS command injection vulnerabilities
Summary Multiple os command injection vulnerabilities exist in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability. Tested...
TP-Link C50 Wireless Router 3 Information Disclosure Cross Site Request Forgery
Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link: https://www.tp-link.com/download/Archer-C50V3.htmlFirmware...
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link: https://www.tp-link.com/download/Archer-C50V3.htmlFirmware...
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3...
Cisco EPC 3925 XSS / CSRF / HTTP Response Injection / DoS
Title: Cisco EPC 3925 Multiple Vulnerabilities Vendor: http://www.cisco.com/ Vulnerable Versions: Cisco EPC3925 EuroDocsis 3.0 2-PORT Voice Gateway Date: 15.09.2016 Author: Patryk Bogdan ======== Vulnerability list: 1. HTTP Response Injection via 'Lang' Cookie 2. DoS via 'Lang' Cookie 3. DoS in...
Cisco EPC 3925 - Multiple Vulnerabilities
Exploit for asp platform in category web applications Title: Cisco EPC 3925 Multiple Vulnerabilities Vendor: http://www.cisco.com/ Vulnerable Versions: Cisco EPC3925 EuroDocsis 3.0 2-PORT Voice Gateway Date: 15.09.2016 Author: Patryk Bogdan ======== Vulnerability list: 1. HTTP Response Injection...
NetGear C DSL Router R0318 - Multiple Web Vulnerabilities
Document Title: =============== NetGear C DSL Router R0318 - Multiple Web Vulnerabilities Release Date: ============= 2011-08-18 Vulnerability Laboratory ID VL-ID: ==================================== 40 Product & Service Introduction: =============================== RO318 ergänzt Produktfamilie...