25 matches found
EUVD-2022-46051
Malicious code in bioql PyPI...
EUVD-2023-43344
Malicious code in bioql PyPI...
EUVD-2023-47661
Malicious code in bioql PyPI...
CVE-2024-0921
CVE-2024-0921 affects D-Link DIR-816 A2 (firmware 1.10CNB04). The Web Interface file /goform/setDeviceSettings is vulnerable; manipulating the statuscheckpppoeuser parameter enables OS command injection. Attacks can be launched remotely and exploit details have been publicly disclosed. Multiple s...
The vulnerability of the setMAC function in D-Link DIR-816 A2 microprogrammed router software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the setMAC function in D-Link DIR-816 A2 router microprogramming software is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...
CVE-2023-43236
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dirsetWanWifi...
CVE-2023-43238
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi...
CVE-2023-43242
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel...
CVE-2023-43242
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel...
PT-2023-5373 · D Link · D-Link Dir-816 A2
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10CNB05 Description: The issue is related to a stack overflow in the showMACfilterMAC function of the D-Link DIR-816 A2 router's firmware, which can be exploited via the flag 5G parameter. This could allow a remote...
CVE-2023-43236
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dirsetWanWifi...
Stack overflow
D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd...
CVE-2022-42998
The CVE-2022-42998 entry concerns the D-Link DIR-816 A2 router (firmware 1.10 B05). A stack overflow is triggered via the srcip parameter in the /goform/form2IPQoSTcAdd endpoint. This affects the device’s firmware and is rated critical (CVSSv3.1: AV Network, AC Low, PR None, UI None, S Unchanged;...
CVE-2022-37130
In D-Link DIR-816 A2v1.10CNB04, DIR-878 DIR878FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability...
D-Link DIR-816 A2 Command Injection Vulnerability
D-Link DIR-816 A2 is a wireless router from D-Link, Taiwan, China. D-Link DIR-816 A2 1.10 B05 is vulnerable to command injection, which can be exploited by attackers to arbitrarily reset the device to /goform/form2Reboot.cgi via the crafted tokenid parameter...
Authentication flaw
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/LoadDefaultSettings to reset the router without authentication...
Authentication flaw
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication...
Authentication flaw
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication...
CVE-2019-10039
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dirlogin.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication...
D-Link DIR-816 A2 Buffer Overflow Vulnerability
D-Link DIR-816 A2 is a wireless router product from AUO D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05, which can be exploited by an attacker to overwrite the returned address with the help of a longer password...