19 matches found
EUVD-2016-1371
Malware in sbrugna...
EUVD-2016-1370
Malware in sbrugna...
The vulnerability of the qmiweb component of the D-Link DWR-932B router’s microprogramming software allows a hacker to execute any command they desire.
The vulnerability of the qmiweb component in the microprogramming software of the D-Link DWR-932B router lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by adding the character “’”...
CVE-2016-10183
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal...
Command injection
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with characters...
CVE-2016-10182
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with characters...
Design/Logic Flaw
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal...
CVE-2016-10183
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal...
Cross site scripting
An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal...
CVE-2016-10184
An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal...
CVE-2016-10181
An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=gethomeCfg requests...
CVE-2016-10182
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with characters...
CVE-2016-10181
An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for CfgType=gethomeCfg requests...
CVE-2016-10182
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with characters...
CVE-2016-10183
An issue was discovered on the D-Link DWR-932B router. qmiweb allows directory listing with ../ traversal...
CVE-2016-10184
An issue was discovered on the D-Link DWR-932B router. qmiweb allows file reading with ..%2f traversal...
CVE-2016-10183
The CVE-2016-10183 issue affects the D-Link DWR-932B router, caused by a directory traversal in the qmiweb component that allows listing directory contents via ../ traversal. Public records (NVD, CNVD, CVE lists) confirm the affected device and vector but do not provide concrete firmware versions...
CVE-2016-10181
The CVE affects the D-Link DWR-932B router. A information disclosure vulnerability exists where qmiweb exposes sensitive information for CfgType=get_homeCfg requests. Connected CNVD entry confirms the issue on DWR-932B and notes firmware version 02.02eu as affected; the NVD entry defines the impa...
CVE-2016-10184
CVE-2016-10184 affects the D-Link DWR-932B router. The qmiweb component enables arbitrary file reading via directory traversal ("..%2f"), allowing read access to files on the device. This aligns with the CVSS details: Confidentiality impact is PARTIAL, with no integrity or availability impact rep...