CVE-2026-5815

A vulnerability was detected in D-Link DIR-645 1.01/1.02/1.03. Impacted is the function hedwigcgimain of the file /cgi-bin/hedwig.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. This vulnerability only...

D-Link DIR-645 安全漏洞

The D-Link DIR-645 is a wireless router produced by D-Link Corporation. Versions 1.01, 1.02, and 1.03 of the D-Link DIR-645 contain security vulnerabilities. These vulnerabilities stem from a stack-based buffer overflow vulnerability in the function hedwigcgimain located in the /cgi-bin/hedwig.cg...

EUVD-2025-205599

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2025-15194

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2025-15194

The CVE-2025-15194 entry concerns D-Link DIR-600 devices with firmware up to 2.15WWb02. The vulnerability is in the HTTP Header Handler’s hedwig.cgi, where manipulating the Cookie argument triggers a stack-based buffer overflow. This allows remote exploitation and the public PoC indicates active ...

CVE-2025-15194 D-Link DIR-600 HTTP Header hedwig.cgi stack-based overflow

A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component HTTP Header Handler. The manipulation of the argument Cookie results in stack-based buffer overflow. It is possible to launch the attack...

D-Link DIR-600 安全漏洞

The D-Link DIR-600 is a wireless router from China AUO D-Link. A security vulnerability exists in the D-Link DIR-600 version 2.15WWb02 and prior versions, which stems from the incorrect manipulation of the parameter Cookie in the file hedwig.cgi of the component HTTP Header Handler, which could...

PT-2025-53654

Name of the Vulnerable Software and Affected Versions D-Link DIR-600 versions prior to 2.15WWb02 Description A stack-based buffer overflow exists in the HTTP Header Handler component of D-Link DIR-600. The issue is due to the manipulation of the Cookie argument within the hedwig.cgi file. This...

VulnCheck KEV: CVE-2018-10957

CSRF exists on D-Link DIR-868L devices, leading to for example a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components...

EUVD-2018-3009

Malware in sbrugna...

EUVD-2025-29839

Malicious code in bioql PyPI...

CVE-2025-10628

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-10628

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-10628

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-10628

D-Link DIR-852 (1.00CN B09) Web Management Interface component /htdocs/cgibin/hedwig.cgi is affected by a command-injection vulnerability. The issue arises from insufficient input filtering in hedwig.cgi, enabling remote exploitation. Public exploits exist and the affected devices are noted as no...

CVE-2025-10628 D-Link DIR-852 Web Management hedwig.cgi command injection

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

CVE-2025-10628 D-Link DIR-852 Web Management hedwig.cgi command injection

A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code of the file /htdocs/cgibin/hedwig.cgi of the component Web Management Interface. Performing manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has...

PT-2025-38290

Name of the Vulnerable Software and Affected Versions D-Link DIR-852 version 1.00CN B09 Description A vulnerability exists in the Web Management Interface component of D-Link DIR-852 version 1.00CN B09. Manipulation of unknown code within the /htdocs/cgibin/hedwig.cgi file can lead to command...

CVE-2025-6328

A vulnerability was found in D-Link DIR-815 1.01. It has been declared as critical. This vulnerability affects the function sub403794 of the file hedwig.cgi. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVE-2025-6328 D-Link DIR-815 hedwig.cgi sub_403794 stack-based overflow

A vulnerability was found in D-Link DIR-815 1.01. It has been declared as critical. This vulnerability affects the function sub403794 of the file hedwig.cgi. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public a...