13 matches found
EUVD-2020-3291
Malware in sbrugna...
EUVD-2018-8405
Malware in sbrugna...
CVE-2021-35004
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.662445553 wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS response...
CVE-2022-25726
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet...
Denial Of Service (DoS)
github.com/coredns/coredns is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of DNS responses by the resolver, which allows it to ignore valid replies, making it susceptible to forged responses from attackers...
CVE-2024-5228
The vulnerability CVE-2024-5228 affects TP-Link Omada ER605 routers, caused by a heap-based buffer overflow in Comexe DDNS response handling. The flaw stems from insufficient validation of the length of user-supplied DNS data before copying it into a fixed-length heap buffer, enabling remote code...
CVE-2021-35003
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.731645553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted D...
ROS-2-2151
2.2151 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...
CVE-2020-10881
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS messa...
PT-2020-12393 · Tp Link · Tp-Link Archer A7
Name of the Vulnerable Software and Affected Versions: TP-Link Archer A7 Firmware version 190726 AC1750 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the...
MikroTik RouterOS < 6.44.6 LTS or 6.45.x < 6.45.7 Multiple Vulnerabilities
According to its self-reported version, the remote networking device is running a version of MikroTik RouterOS prior to 6.44.6 LTS or 6.45.x prior to 6.45.7. It is, therefore, affected by multiple vulnerabilities : - Relative Path Traversal in NPK Parsing - RouterOS 6.45.6 Stable, RouterOS 6.44.5...
CVE-2018-8225
CVE-2018-8225 is a remote code execution vulnerability in Windows DNSAPI.dll that triggers when DNS responses are not handled correctly. Affected products span multiple Windows versions including Windows 7, Windows 8.1, Windows 10, and various Windows Server editions (2008, 2008 R2, 2012, 2012 R2...
GNU C Library glibc getanswer_r Buffer Overflow (CVE-2015-1781)
A code execution vulnerability exists in GNU C Library. The vulnerability is due to an error within the getanswerr function when handling DNS response resulting in a buffer overflow. A remote attacker can exploit this vulnerability by providing a specially-crafted DNS response to an application...