7 matches found
CVE-2023-32141
D-Link DAP-1360 webproc WEBDisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability...
PT-2021-17354
Name of the Vulnerable Software and Affected Versions: D-Link DAP-2020 version 1.01rc001 Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The flaw exists within the processi...
D-link DAP-1360 - Path Traversal / Cross-Site Scripting
Exploit Title: D-Link DAP-1360 File path traversal and Cross site scriptingreflected can lead to Authentication Bypass easily. Date: 20-07-2018 Exploit Author: r3m0t3nu11 Contact : http://twitter.com/r3m0t3nu11 Vendor : www.dlink.com Version: Hardware version: F1 Firmware version: 6.O5 Tested...
PT-2017-7165 · D Link · Dvg-N5402Sp
Name of the Vulnerable Software and Affected Versions: D-Link DVG-N5402SP versions W1000CN-00 through W2000EN-00 Description: A directory traversal issue allows remote attackers to read sensitive information by utilizing a .. dot dot in the errorpage parameter. Recommendations: For D-Link...
CVE-2015-7252
Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...
CVE-2015-7252
Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...
ZTE ZXHN H108N R1A webproc cgi module cross-site scripting vulnerability
The ZTE ZXHN H108N R1A is a wireless router product from China's ZTE Corporation. The webproc cgi in the ZTE ZXHN H108N R1A ZTE.bhs.ZXHNH108NR1A.hPE version fails to properly handle the 'errorpage' parameter, which allows remote attackers to exploit the vulnerability to inject malicious script or...