8 matches found
CVE-2020-15632
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-842 3.13B05 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HNAP GetCAPTCHAsetting requests. The issue...
CVE-2023-51616
D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...
CVE-2019-11321
CVE-2019-11321 affects Motorola CX2 1.01 and M2 1.01, where the router opens TCP port 8010 and accepts unauthenticated HNAP requests, enabling retrieval of information such as MAC addresses of connected clients. The root cause is exposed management interface on port 8010 without authentication. P...
D-Link DIR-505 HNAP Request Remote Buffer Overflow Exploit
Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...
D-Link HNAP Request Remote Buffer Overflow
This module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is due to a stack based buffer overflow while handling malicious HTTP POST requests addressed to the HNAP handler. This module has been successfully tested on D-Link DIR-505 in an...
CVE-2014-3936
Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...
Stack overflow
Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...
CVE-2014-3936
Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...