CVE-2023-44424 D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability

D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

CVE-2023-44423 D-Link DIR-X3260 SetTriggerPPPoEValidate Password Command Injection Remote Code Execution Vulnerability

D-Link DIR-X3260 SetTriggerPPPoEValidate Password Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

CVE-2023-44417

The CVE-2023-44417 entry concerns D-Link DAP-2622 routers. The vulnerability lies in the DDP service, where input length is not properly validated before being copied into a fixed-length stack-based buffer, enabling a stack-based buffer overflow. The impact is remote code execution with root priv...

CVE-2023-44416 D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability

D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622. Authentication is required to exploit this vulnerability. The specific flaw exists within...

CVE-2023-44415 D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability

D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability. The specif...

CVE-2023-44415 D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability

D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability. The specif...

CVE-2023-44407 D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-44404 D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 getvaluefromapp Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-44405 D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 getvalueofkey Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-44405 D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 getvalueofkey Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-42121 Control Web Panel Missing Authentication Remote Code Execution Vulnerability

Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2023-42116

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...

CVE-2023-42116

Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling o...

CVE-2023-42115

Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens ...

CVE-2023-42115

Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens ...

CVE-2023-42108

CVE-2023-42108 affects PDF-XChange Editor. The vulnerability arises in EMF file parsing where absence of validating an object’s existence before operations leads to a use-after-free, enabling remote code execution . Impact is high (C/H/I/A all high) and requires user interaction (visit a maliciou...

CVE-2023-42071 PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

CVE-2023-42038 Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-41228

The CVE-2023-41228 case affects D-Link DIR-3040, where the prog.cgi SetUsersSettings handler (HNAP on the lighttpd webserver) contains a stack-based buffer overflow due to improper validation of a user-supplied string. This leads to remote code execution with root privileges for network-adjacent ...

CVE-2023-41227

The CVE-2023-41227 entry concerns D-Link DIR-3040 routers. The issue is in prog.cgi handling HNAP requests to the lighttpd webserver on ports 80/443, where unsafely copied user input into a fixed-size stack buffer leads to a stack-based overflow and remote code execution in the context of root. A...