The vulnerability of the get_ip_addr_details() function (/view/vpn/sxh_vpn/sxh_vpnlic.php) of the D-Link DAR-7000 router’s software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getipaddrdetails function /view/vpn/sxhvpn/sxhvpnlic.php of the D-Link DAR-7000 router’s software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

D-Link DAR-7000 注入漏洞

The D-Link DAR-7000 is an Internet Behavior Management and Auditing Gateway device that provides Internet behavior management and auditing capabilities. The D-Link DAR-7000 suffers from a command injection vulnerability that stems from the ethname parameter of the getipaddrdetails function in the...

The vulnerability of the get_ip_addr_details function (/view/dhcp/dhcpConfig/commit.php) in Ruijie RG-UAC router software allows a attacker to execute arbitrary commands.

The vulnerability of the getipaddrdetails function /view/dhcp/dhcpConfig/commit.php in Ruijie RG-UAC router software exists due to the failure to address special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via th...

PT-2024-4394 · Ruijie · Ruijie Rg-Uac

Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: A critical issue has been found in the function get ip addr details of the file /view/dhcp/dhcpConfig/commit.php. The manipulation of the argument ethname leads to os command injection. The attack may be...