284 matches found

Positive Technologies
added 2023/07/14 12:00 a.m. · 5 views

PT-2023-8301 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

CVSS 7.2 · AI score 7.4 · EPSS 0.01126
Exploits: 0 · References: 6
Positive Technologies
added 2023/07/14 12:00 a.m. · 5 views

PT-2023-8299 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

CVSS 7.2 · AI score 7.4 · EPSS 0.01126
Exploits: 0 · References: 6
Positive Technologies
added 2023/07/12 12:00 a.m. · 3 views

PT-2023-5829 · D Link · D-Link Dir-3040

Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...

CVSS 7.7 · AI score 6.8 · EPSS 0.00705
Exploits: 0 · References: 5
Positive Technologies
added 2023/07/12 12:00 a.m. · 4 views

PT-2023-5830 · D Link · D-Link Dir-3040

Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...

CVSS 7.7 · AI score 6.8 · EPSS 0.00705
Exploits: 0 · References: 6
Positive Technologies
added 2023/07/06 12:00 a.m. · 6 views

PT-2023-8306 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: The issue is related to a buffer overflow vulnerability in the prog.cgi component of D-Link DIR-X3260 Wi-Fi routers, allowing remote attackers to execute arbitrary code. The...

CVSS 7.2 · AI score 8.7 · EPSS 0.01126
Exploits: 0 · References: 6
Positive Technologies
added 2023/07/06 12:00 a.m. · 4 views

PT-2023-8302 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: The issue is related to a stack-based buffer overflow in the prog.cgi component of D-Link DIR-X3260 Wi-Fi routers, allowing remote attackers to execute arbitrary code. The flaw...

CVSS 7.2 · AI score 8 · EPSS 0.01126
Exploits: 0 · References: 6
Positive Technologies
added 2023/07/06 12:00 a.m. · 10 views

PT-2023-8308 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...

CVSS 7.2 · AI score 7.4 · EPSS 0.01126
Exploits: 0 · References: 6
Zero Day Initiative
added 2023/06/30 12:00 a.m. · 21 views

D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction request header provided to the prog.cg...

CVSS 8.8 · AI score 7.3 · EPSS 0.01187
Exploits: 0 · References: 1
Positive Technologies
added 2023/06/05 12:00 a.m. · 5 views

PT-2023-5735 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

CVSS 8 · AI score 7.6 · EPSS 0.01114
Exploits: 0 · References: 6
BDU FSTEC
added 2023/05/17 12:00 a.m. · 10 views

A vulnerability in the prog.cgi web interface script of the D-Link DIR-2640-US router software allows an attacker to execute arbitrary code.

The vulnerability in the prog.cgi web management interface of the D-Link DIR-2640-US router firmware is caused by operations going beyond the bounds of a memory buffer when checking the length of user-supplied data. Exploiting this vulnerability allows a remote attacker to execute...

CVSS 8.8 · AI score 8.2 · EPSS 0.0124
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2023/05/09 12:00 a.m. · 3 views

PT-2023-3463 · D Link · D-Link Dir-X3260

Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 (affected versions not specified)
Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this issue...

CVSS 8.8 · AI score 8.9 · EPSS 0.01187
Exploits: 0 · References: 8
Zero Day Initiative
added 2023/05/04 12:00 a.m. · 29 views

D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management interface, which listens on TCP port 80 by default...

CVSS 8.8 · AI score 7.3 · EPSS 0.0124
Exploits: 0 · References: 1
NVD
added 2022/09/07 5:15 p.m. · 9 views

CVE-2022-31414

D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

CVSS 7.5 · EPSS 0.01703
Exploits: 0 · References: 3
OSV
added 2022/09/07 5:15 p.m. · 4 views

CVE-2022-31414

D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTTP request...

CVSS 7.5 · AI score 6.1 · EPSS 0.01703
Exploits: 0 · References: 3
CVE
added 2022/09/07 4:57 p.m. · 47 views

CVE-2022-31414

The CVE-2022-31414 issue affects D-Link DIR-1960, specifically firmware DIR-1960_A1_1.11. The vulnerability is a buffer overflow in prog.cgi triggered via the srtcat function, allowing an attacker to cause a Denial of Service (DoS) through a crafted HTTP request to the router’s /prog.cgi endpoint...

CVSS 7.5 · AI score 7.6 · EPSS 0.01703
Exploits: 0 · References: 3 · Affected Software: 1
CNNVD
added 2022/09/07 12:00 a.m. · 5 views

D-Link DIR-1960 Security Vulnerability

The D-Link DIR-1960 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-1960 firmware version DIR-1960_A1_1.11, caused by a buffer overflow in prog.cgi via srtcat, which allows an attacker to trigger a denial of service (DoS) via a...

CVSS 7.5 · AI score 7.7 · EPSS 0.01703
Exploits: 0 · References: 4
NVD
added 2021/04/02 8:15 p.m. · 13 views

CVE-2021-30072

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication...

CVSS 9.8 · EPSS 0.01434
Exploits: 0 · References: 2
Prion
added 2021/04/02 8:15 p.m. · 16 views

Stack overflow

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication...

CVSS 7.5 · AI score 9.6 · EPSS 0.01434
Exploits: 0 · References: 2 · Affected Software: 1
CVE
added 2021/04/02 7:55 p.m. · 72 views

CVE-2021-30072

The CVE-2021-30072 entry concerns the D-Link DIR-878 router (version 1.30B08) and affects the prog.cgi component. The root cause is a misused strcat leading to a stack-based buffer overflow, which can be exploited without authentication over the network. Exploitation details are not provided in t...

CVSS 9.8 · AI score 9.6 · EPSS 0.01434
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2021/04/02 7:55 p.m. · 16 views

CVE-2021-30072

An issue was discovered in prog.cgi on D-Link DIR-878 1.30B08 devices. Because strcat is misused, there is a stack-based buffer overflow that does not require authentication...

AI score 9.9 · EPSS 0.01434
Exploits: 0 · References: 2