Lucene search
K

43 matches found

CNVD
CNVD
added 2025/05/14 12:0 a.m.6 views

D-Link DIR-600L formLogin Function Buffer Overflow Vulnerability

The D-Link DIR-600L is an entry-level wireless router from China's AUO D-Link that supports 150Mbps wireless transmission and four 100 megabit wired ports. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the function formLogin that fails...

9.8CVSS9.1AI score0.01031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/06 9:31 a.m.7 views

CVE-2025-4344 D-Link DIR-600L formLogin buffer overflow

A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. It is possible to initiate the attack remotely. This vulnerability only affects products that are no...

9CVSS7.1AI score0.01031EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/06 12:0 a.m.3 views

D-Link DIR-600L 安全漏洞

The D-Link DIR-600L is an entry-level wireless router from China's AUO D-Link that supports 150Mbps wireless transmission and four 100 megabit wired ports. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the function formLogin that fails...

9.8CVSS8.1AI score0.01031EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.4 views

PT-2025-19934 · D Link · D-Link Dir-600

Name of the Vulnerable Software and Affected Versions: D-Link DIR-600L versions up to 2.07B01 Description: A critical issue was found in the formLogin function, where manipulation of the host argument leads to a buffer overflow. This can be initiated remotely. The issue only affects products that...

9.8CVSS8.6AI score0.01031EPSS
Exploits0References15
NVD
NVD
added 2023/07/17 7:15 p.m.15 views

CVE-2023-37791

D-Link DIR-619L v2.04TW was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin...

9.8CVSS0.11532EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/07/17 7:15 p.m.4 views

CVE-2023-37791

D-Link DIR-619L v2.04TW was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin...

9.8CVSS7.4AI score0.11532EPSS
Exploits1References3
Prion
Prion
added 2023/07/17 7:15 p.m.15 views

Stack overflow

D-Link DIR-619L v2.04TW was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin...

7.5CVSS9.7AI score0.11532EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/17 12:0 a.m.12 views

CVE-2023-37791

D-Link DIR-619L v2.04TW was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin...

7.8AI score0.11532EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/07/17 12:0 a.m.17 views

CVE-2023-37791

D-Link DIR-619L v2.04TW was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin...

9.9AI score0.11532EPSS
Exploits1References2
CVE
CVE
added 2023/07/17 12:0 a.m.43 views

CVE-2023-37791

Summary (CVE-2023-37791) : A stack/buffer overflow exists in the D-Link DIR-619L v2.04(TW) firmware, triggered by the curTime parameter in /goform/formLogin. Multiple sources (CNVD/CNNVD/NVD entries) describe remote exploitation potential that could lead to arbitrary code execution or DoS. The ex...

9.8CVSS9.7AI score0.11532EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.7 views

D-Link DIR-619 缓冲区错误漏洞

The D-Link DIR-619 is a series of routers from the Chinese company AUO D-Link. A buffer overflow vulnerability exists in D-Link DIR-619L v2.04TW, which stems from the curTime parameter of /goform/formLogin failing to correctly validate the length size of the input data, and can be exploited by a...

9.8CVSS8.1AI score0.11532EPSS
Exploits1References3
NVD
NVD
added 2023/02/10 3:15 p.m.19 views

CVE-2023-24351

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin...

9.8CVSS9.7AI score0.01236EPSS
Exploits1References2
Prion
Prion
added 2023/02/10 3:15 p.m.17 views

Stack overflow

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin...

7.5CVSS9.6AI score0.01236EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/11/08 11:15 a.m.6 views

CVE-2022-30694

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

6.5CVSS5.8AI score0.00294EPSS
Exploits0References1
Prion
Prion
added 2022/11/08 11:15 a.m.31 views

Cross site request forgery (csrf)

The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack...

4.3CVSS6.3AI score0.00294EPSS
Exploits0References1Affected Software23
NVD
NVD
added 2020/01/27 5:15 p.m.22 views

CVE-2019-19825

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an "topicurl":"setting/getSanvas" POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform...

9.8CVSS9.4AI score0.29557EPSS
Exploits3References4
Prion
Prion
added 2020/01/27 5:15 p.m.21 views

Design/Logic Flaw

On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an "topicurl":"setting/getSanvas" POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform...

7.5CVSS9.2AI score0.29557EPSS
Exploits3References4Affected Software8
OSV
OSV
added 2018/09/15 9:29 p.m.3 views

CVE-2018-17067

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address...

9.8CVSS6.2AI score0.01892EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:9 a.m.17 views

Security Bulletin: Potential spoofing attack in IBM WebSphere Application Server in IBM Cloud (CVE-2017-1788)

Summary There is a potential spoofing attack in WebSphere Application Server using Form Login. Vulnerability Details CVEID: CVE-2017-1788 DESCRIPTION: IBM WebSphere Application Server installations using Form Login could allow a remote attacker to conducts spoofing attacks. CVSS Base Score: 5.3...

5.3CVSS1AI score0.02396EPSS
Exploits0Affected Software1
Saint
Saint
added 2010/12/28 12:0 a.m.25 views

HP Power Manager formLogin buffer overflow

Added: 12/28/2010 CVE: CVE-2010-4113 OSVDB: 69969 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability in the Administration interface allows remote attackers to...

9.3CVSS7.8AI score0.09722EPSS
Exploits4
Rows per page
Query Builder