55 matches found
The vulnerability of the gena.cgi component of D-Link DIR-600 B5 router software allows for an increase in privileges and the execution of arbitrary commands.
The vulnerability of the gena.cgi component of D-Link DIR-600 B5 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary commands...
VulnCheck KEV: CVE-2019-17621
D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local...
CVE-2023-33626
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
CVE-2023-33626
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
CVE-2023-33626
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
Stack overflow
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
CVE-2023-33626
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
CVE-2023-33626
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...
CVE-2023-33626
CVE-2023-33626 affects D-Link DIR-600 hardware version B5 with firmware 2.18, due to a stack overflow in the binary gena.cgi . Several sources describe a boundary/overflow condition in gena.cgi that can allow a remote attacker to potentially execute arbitrary code or cause denial of service. The ...
PT-2023-3742 · D Link · D-Link Dir-600
Name of the Vulnerable Software and Affected Versions: D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 Description: The issue is related to a stack overflow in the gena.cgi binary, which can be exploited by a remote attacker to elevate privileges and execute arbitrary commands. This is ...
D-Link DIR-600 缓冲区错误漏洞
The D-Link DIR-600 is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-600 version 2.18, which originates from a boundary error in the file gena.cgi when processing untrusted input, and can be exploited by an attacker to execute arbitrary code on...
The vulnerability of the implementation of the genacgi_main() function in D-Link DIR-859 router microprogramming software allows a hacker to cause a service failure.
The vulnerability of the genacgimain function implementation in D-Link DIR-859 router microprogramming software is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure by executing the /gena.cgi...
The vulnerability of D-Link DIR-818Lx, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, and DIR-895L/R routers stems from the failure to address the issue of eliminating special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands on behalf of the root user in the target system.
The vulnerability of D-Link DIR-818Lx, DIR-822, DIR-823, DIR-859, DIR-865L, DIR-868L, DIR-869, DIR-880L, DIR-890L/R, DIR-885L/R, and DIR-895L/R routers exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerabilit...
D-Link DIR-859 Unauthenticated Remote Command Execution
D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi function genacgimain in /htdocs/cgibin, which is accessible without credentials. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2019-17621
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network...