14 matches found
EUVD-2021-14843
Malware in sbrugna...
CVE-2021-28144
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...
D-Link DIR-3060 Buffer Overflow Vulnerability
D-Link DIR-3060 is a router from China Friendship Communications D-Link Inc. It provides a function to connect to the network.The D-Link DIR-3060 DIR3060A1FW111B04.bin version contains a buffer overflow vulnerability, which stems from a boundary error in FUN0049ac18 when handling untrusted input....
D-Link DIR-3060 安全漏洞
D-Link DIR-3060 is a router from China Friendship Communications D-Link Inc. It provides a function to connect to the network.The D-Link DIR-3060 DIR3060A1FW111B04.bin version contains a buffer overflow vulnerability, which stems from a boundary error in FUN0049ac18 when handling untrusted input....
PT-2022-5677 · D Link · D-Link Dir-3060
Name of the Vulnerable Software and Affected Versions: D-Link DIR3060 version DIR3060A1 FW111B04.bin Description: The issue is related to a buffer overflow in the D-Link DIR-3060 router's firmware. Specifically, the FUN 0049ac18 function is vulnerable due to the lack of size checking for input...
D-Link DIR-3060 1.11b04 Command Injection Vulnerability
title: Authenticated Command Injection in D-Link DIR-3060 Web Interface vendor/product: D-Link DIR-3060 https://www.dlink.com/ vulnerable version: v1.11b04 & Below fixed version: v1.11b04 Hotfix 2 CVE number: CVE-2021-28144 impact: 8.8 high CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Vendor...
D-Link DIR-3060 Command Injection Vulnerability
The D-Link DIR-3060 is a router from China-based AUO D-Link. The D-Link DIR-3060 suffers from a command injection vulnerability that can be exploited by an attacker to remotely authenticate a user to inject arbitrary commands in the administrative or root environment...
D-Link DIR-3060 授权RCE漏洞(CVE-2021-28144)
Advisory: D-Link DIR-3060 Authenticated RCE CVE-2021-28144 MARCH 11, 2021 Overview The D-Link DIR-3060 running firmware versions below v1.11b04 is affected by a post-authentication command injection vulnerability. Anybody with authenticated access to a DIR-3060 would be able to run arbitrary syst...
D-Link DIR-3060 1.11b04 Command Injection
IoT Inspector Research Lab Security Advisory IOT-20210311-0 title: Authenticated Command Injection in D-Link DIR-3060 Web Interface vendor/product: D-Link DIR-3060 https://www.dlink.com/ vulnerable version: v1.11b04 & Below fixed version: v1.11b04 Hotfix 2 CVE number: CVE-2021-28144 impact: 8.8...
CVE-2021-28144
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...
Code injection
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...
CVE-2021-28144
The CVE-2021-28144 issue affects D-Link DIR-3060 routers, where the web management binary prog.cgi handles SOAP SetVirtualServerSettings in a way that can trigger an OS command via an unsafe popen path. Specifically, when LocalIPAddress is provided, Enabled is true, InternalPort is 9, and Protoco...
CVE-2021-28144
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...
D-Link DIR-3060 命令注入漏洞
The D-Link DIR-3060 is a router from China-based AUO D-Link. The D-Link DIR-3060 suffers from a command injection vulnerability that can be exploited by an attacker to remotely authenticate a user to inject arbitrary commands in the administrative or root environment...