14 matches found
EUVD-2020-20356
Malware in sbrugna...
CVE-2020-27863
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...
CVE-2020-27862
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...
CVE-2020-27862
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...
CVE-2020-27863
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...
CVE-2020-27863
CVE-2020-27863 affects D-Link DVA-2800 and DSL-2888A routers. The flaw is in the dhttpd service (listening on TCP port 8008 by default) where incorrect string-matching logic when accessing protected pages allows network-adjacent attackers to disclose stored credentials without authentication. The...
CVE-2020-27863
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...
CVE-2020-27862
CVE-2020-27862 affects D-Link DVA-2800 and DSL-2888A routers. A flaw in the dhttpd service handling of the path parameter allows an unauthenticated, network-adjacent attacker to execute arbitrary code via a system call, with impact on the web server context. The issue is triggered by parsing the ...
D-Link Multiple Routers dhttpd Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...
D-Link Multiple Routers dhttpd Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 80...
Chromecast Web Server Scanner
This module scans for the Chromecast web server on port 8008/TCP, and can be used to discover devices which can be targeted by other Chromecast modules, such as chromecastyoutube. This module requires Metasploit: https://metasploit.com/download Current source:...
CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Endpoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within CA.Itm.Server.ManagementWS.dll. Due to a failure to properly sanitize...