8 matches found
EUVD-2023-45706
Malicious code in bioql PyPI...
CVE-2023-44409
D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
CVE-2023-41203
D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
CVE-2023-41188
D-Link DAP-1325 HNAP SetAPLanSettings DeviceName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...
CVE-2023-44403
CVE-2023-44403 affects D-Link DAP-1325 routers via the HNAP1 SOAP endpoint, SetWLanRadioSettings channel command handling. The vulnerability arises from insufficient validation of a user-supplied string used in a system call, allowing network-adjacent attackers to execute arbitrary code with root...
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Exploit
Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send...
D-Link Devices HNAP SOAPAction-Header Command Execution Exploit
Different D-Link Routers are vulnerable to OS command injection in the HNAP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This Metasploit module has been tested on a DIR-645 device. The following devices are also reported as...
D-Link Devices HNAP SOAPAction-Header Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Devices HNAP SOAPAction-Header Command Execution', 'Description' = %q Different D-Link Routers are vulnerable to OS command...