13 matches found
EUVD-2025-35579
D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCUSHELL endpoint. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-60331
Summary: CVE-2025-60331 affects the D-Link DIR-823G A1 (firmware 1.0.2B05). A vulnerable path is the /EXCU_SHELL endpoint where the FillMacCloneMac parameter can cause a buffer overflow, leading to a Denial of Service via a crafted input. The root cause is improper handling/validation of input le...
CVE-2025-60331
D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCUSHELL endpoint. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2024-2642 Ruijie RG-NBS2009G-P EXCU_SHELL command injection
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /EXCUSHELL. The manipulation of the argument Command1 leads to command injection. The attack can be launched remotely. The...
D-Link DIR-823G 'EXCU_SHELL' RCE Vulnerability - Active Check
D-Link DIR-823G Routers are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-26613
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCUSHELL...
Command injection
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCUSHELL...
CVE-2023-26613
The CVE-2023-26613 case affects D-Link DIR-823G (firmware 1.02B05). A command-injection flaw exists in the EXCU_SHELL endpoint that allows an unauthenticated attacker to execute OS commands via a crafted GET request, resulting in remote code execution. Multiple sources confirm the firmware and en...
CVE-2023-26613
An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCUSHELL...
CVE-2019-6288
Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /EXCUSHELL URI...
Command injection
Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /EXCUSHELL URI...
CVE-2019-6288
Edgecore ECS2020 Firmware 1.0.0.0 devices allow Unauthenticated Command Injection via the command1 HTTP header to the /EXCUSHELL URI...
CVE-2018-19300
CVE-2018-19300 affects multiple D-Link devices (DAP-1530/A1 before 1.06b01; DAP-1610/A1 before 1.06b01; DWR-111/A1 before 1.02v02; DWR-116/A1 before 1.06b03; DWR-512/B1 before 2.02b01; DWR-711/A1 up to 1.11; DWR-712/B1 before 2.04b01; DWR-921/A1 before 1.02b01; DWR-921/B1 before 2.03b01). The vul...