Lucene search
K

55 matches found

BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.6 views

The vulnerability of the gena.cgi component of D-Link DIR-600 B5 router software allows for an increase in privileges and the execution of arbitrary commands.

The vulnerability of the gena.cgi component of D-Link DIR-600 B5 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary commands...

10CVSS7.7AI score0.01531EPSS
Exploits1References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2023/06/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2019-17621

D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local...

10CVSS7.7AI score0.89624EPSS
Exploits8References1
ATTACKERKB
ATTACKERKB
added 2023/06/12 8:15 p.m.4 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.8CVSS7AI score0.01531EPSS
Exploits1References4
OSV
OSV
added 2023/06/12 8:15 p.m.4 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.8CVSS5.8AI score0.01531EPSS
Exploits1References3
NVD
NVD
added 2023/06/12 8:15 p.m.19 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.8CVSS9.7AI score0.01531EPSS
Exploits1References3
Prion
Prion
added 2023/06/12 8:15 p.m.13 views

Stack overflow

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

7.5CVSS9.6AI score0.01531EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/06/12 12:0 a.m.32 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.9AI score0.01531EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/06/12 12:0 a.m.9 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

8.1AI score0.01531EPSS
Exploits1References3
CVE
CVE
added 2023/06/12 12:0 a.m.168 views

CVE-2023-33626

CVE-2023-33626 affects D-Link DIR-600 hardware version B5 with firmware 2.18, due to a stack overflow in the binary gena.cgi . Several sources describe a boundary/overflow condition in gena.cgi that can allow a remote attacker to potentially execute arbitrary code or cause denial of service. The ...

9.8CVSS9.6AI score0.01531EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.7 views

PT-2023-3742 · D Link · D-Link Dir-600

Name of the Vulnerable Software and Affected Versions: D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 Description: The issue is related to a stack overflow in the gena.cgi binary, which can be exploited by a remote attacker to elevate privileges and execute arbitrary commands. This is ...

9.8CVSS8.2AI score0.01531EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.8 views

D-Link DIR-600 缓冲区错误漏洞

The D-Link DIR-600 is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-600 version 2.18, which originates from a boundary error in the file gena.cgi when processing untrusted input, and can be exploited by an attacker to execute arbitrary code on...

9.8CVSS8AI score0.01531EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/04/13 12:0 a.m.5 views

The vulnerability of the implementation of the genacgi_main() function in D-Link DIR-859 router microprogramming software allows a hacker to cause a service failure.

The vulnerability of the genacgimain function implementation in D-Link DIR-859 router microprogramming software is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by executing the /gena.cgi...

6.3CVSS6.3AI score0.08588EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.4 views

The vulnerability of D-Link DIR-818Lx, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, and DIR-895L/R routers stems from the failure to address the issue of eliminating special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands on behalf of the root user in the target system.

The vulnerability of D-Link DIR-818Lx, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, and DIR-895L/R routers exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerabilit...

10CVSS8.4AI score0.89624EPSS
Exploits8References4Affected Software11
Metasploit
Metasploit
added 2020/01/13 4:18 p.m.19 views

D-Link DIR-859 Unauthenticated Remote Command Execution

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi function genacgimain in /htdocs/cgibin, which is accessible without credentials. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS7.5AI score0.89624EPSS
Exploits8
OSV
OSV
added 2019/12/30 5:15 p.m.2 views

CVE-2019-17621

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network...

9.8CVSS7.7AI score0.89624EPSS
Exploits8References8
Rows per page
Query Builder