Lucene search
K

55 matches found

CNVD
CNVD
added 2024/08/21 12:0 a.m.7 views

AUO DIR-860L Buffer Overflow Vulnerability

The AUO DIR-860L is a wireless router from China's AUO that supports the Wi-Fi 5 standard and offers dual-band 2.4GHz and 5GHz network connectivity with a maximum transmission speed of up to 1200 Mbps.The device has a built-in antenna and comes with one USB 3.0 port and four Gigabit wired ports. ...

9.8CVSS7.9AI score0.15507EPSS
Exploits1References1
OSV
OSV
added 2024/08/19 8:15 p.m.1 views

CVE-2024-42813

In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

9.8CVSS6.3AI score
Exploits0References1
OSV
OSV
added 2024/08/19 8:15 p.m.3 views

CVE-2024-42812

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

9.8CVSS6.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/19 12:0 a.m.17 views

CVE-2024-42813

In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

8AI score0.00698EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/19 12:0 a.m.4 views

TRENDnet TEW-752DRU 安全漏洞

The TRENDnet TEW-752DRU is a dual-band wireless router from Trendnet, Inc. A security vulnerability exists in TRENDnet TEW-752DRU version FW1.03B01, which originates from a lack of length validation in the service field in gena.cgi, which could lead to a buffer overflow vulnerability and cause th...

9.8CVSS7.7AI score0.00698EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/19 12:0 a.m.13 views

CVE-2024-42812

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

8.3AI score0.15507EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/19 12:0 a.m.3 views

D-Link DIR-860L 安全漏洞

The AUO DIR-860L is a wireless router from China's AUO that supports the Wi-Fi 5 standard and offers dual-band 2.4GHz and 5GHz network connectivity with a maximum transmission speed of up to 1200 Mbps.The device has a built-in antenna and comes with one USB 3.0 port and four Gigabit wired ports. ...

9.8CVSS7.8AI score0.15507EPSS
Exploits1References3
CVE
CVE
added 2024/08/19 12:0 a.m.64 views

CVE-2024-42812

CVE-2024-42812 affects D-Link DIR-860L firmware v2.03, due to a missing length check in the SID field of gena.cgi, causing a buffer overflow that can crash the device or allow arbitrary commands. OpenVAS and other feeds classify impact as high/critical (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...

9.8CVSS8.1AI score0.15507EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/08/19 12:0 a.m.58 views

CVE-2024-42813

CVE-2024-42813 affects TRENDnet TEW-752DRU under FW1.03B01. The issue is a buffer overflow caused by lack of length verification for the parameter in the gena.cgi service field. This vulnerability could cause the remote device to crash or allow execution of arbitrary commands as described in mult...

9.8CVSS8.1AI score0.00698EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/08/19 12:0 a.m.21 views

CVE-2024-42812

In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

0.15507EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/19 12:0 a.m.25 views

CVE-2024-42813

In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...

0.00698EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/08/05 12:0 a.m.4 views

PT-2024-6506 · D Link · D-Link Dir-860L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-860L version 2.03 Description: The issue is related to a buffer overflow vulnerability in the gena.cgi file of the D-Link DIR-860L router's firmware. This vulnerability is caused by the lack of length verification for the SID field...

9.8CVSS9.8AI score0.15507EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2024/07/19 12:0 a.m.16 views

D-Link DAP-1650 EOL Device Multiple Command Injection Vulnerabilities (Jan 2024)

D-Link DAP-1650 devices are prone to multiple command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.8AI score0.25988EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/02/14 12:0 a.m.7 views

The vulnerability of the gena.cgi module in D-Link DAP-1650 wireless access points allows a intruder to execute arbitrary commands.

The vulnerability of the gena.cgi module in D-Link DAP-1650 wireless access points is related to improper validation of input data during the processing of UPnP SUBSCRIBE messages. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using specially crafted data...

10CVSS8.2AI score0.25988EPSS
Exploits0References5
NVD
NVD
added 2024/01/26 12:15 a.m.15 views

CVE-2024-23624

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

9.8CVSS9.9AI score0.25988EPSS
Exploits0References1
Prion
Prion
added 2024/01/26 12:15 a.m.14 views

Command injection

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

8.3CVSS8AI score0.25988EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.4 views

D-Link DAP-1650 Command Injection Vulnerability

The D-Link DAP-1650 is a WiFi range extender from China AUO D-Link. A security vulnerability exists in the D-Link DAP-1650 that stems from a command injection vulnerability in the gena.cgi module...

9.8CVSS7.6AI score0.25988EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/25 11:41 p.m.19 views

CVE-2024-23624 D-Link DAP-1650 gena.cgi SUBSCRIBE Command Injection Vulnerability

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

9.6CVSS10AI score0.25988EPSS
Exploits0References1
CVE
CVE
added 2024/01/25 11:41 p.m.62 views

CVE-2024-23624

The CVE-2024-23624 entry describes a remote, unauthenticated command-injection vulnerability in the GENA.cgi module of D-Link DAP-1650 devices. The root cause is reported as incorrect input validation when processing UPnP SUBSCRIBE messages, enabling an attacker to execute arbitrary commands with...

9.8CVSS9.8AI score0.25988EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.8 views

PT-2024-1618 · D Link · D-Link Dap-1650

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1650 affected versions not specified Description: A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on t...

10CVSS10AI score0.25988EPSS
Exploits0References8
Rows per page
Query Builder