15 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-16518

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.00821
Exploits: 0 · References: 2

Packet Storm
added 2025/03/11 12:0 a.m. · 199 views

RDK 5.3 Buffer Overflow

RDK version 5.3 suffers from a local buffer overflow vulnerability. Exploit Title: RDK v5.3 - Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 17.04.2024 Vendor Homepage: http://www.shenturk.com Software Link: http://www.shenturk.com/downloads/rdk-5.3-setup.rar Tested Version...

AI score 7.7
Exploits: 0

Positive Technologies
added 2024/11/03 12:0 a.m. · 2 views

PT-2024-9220 · Mediatek +1 · Mediatek Microchips +1

Name of the Vulnerable Software and Affected Versions: MediaTek microchip software affected versions not specified Android versions 12.0 through 15.0 openWRT versions 19.07 through 23.05 Yocto version 4.0 RDK-B versions 22Q3 through 24Q1 Description: The issue is related to an out-of-bounds write...

CVSS 8.4 · AI score 7 · EPSS 0.00054
Exploits: 0 · References: 12

CNVD
added 2019/06/24 12:0 a.m. · 1 views

RDK CcspPandM module buffer overflow vulnerability (CNVD-2019-19286)

RDK is a suite of modular, portable, and customizable open source IoT software solutions from the RDK Management community. ccspPandM is one of the modules used to implement the core configuration and management functions of the device. A buffer overflow vulnerability exists in the cosadhcpv4dml....

CVSS 8.8 · AI score 7.3 · EPSS 0.02644
Exploits: 0 · References: 1

CNVD
added 2019/06/24 12:0 a.m. · 1 views

RDK WebUI Component Access Control Error Vulnerability

RDK Management RDK is a modular, portable, and customizable open source IoT software solution from the RDK Management community. An access control error vulnerability exists in the actionHandlerUtility.php file of the WebUI component in version RDK RDKB-20181217-1. An attacker can exploit the...

CVSS 6.5 · AI score 6.9 · EPSS 0.00212
Exploits: 0 · References: 1

OSV
added 2019/06/20 2:15 p.m. · 11 views

CVE-2019-6961

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations intended only for the network operator by sending an HTTP POST to the PHP backend, because the page filtering for...

CVSS 6.5 · AI score 6.9
Exploits: 0 · References: 1

NVD
added 2019/06/20 2:15 p.m. · 7 views

CVE-2019-6961

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations intended only for the network operator by sending an HTTP POST to the PHP backend, because the page filtering for...

CVSS 6.5 · AI score 6.5 · EPSS 0.00212
Exploits: 0 · References: 1

NVD
added 2019/06/20 2:15 p.m. · 8 views

CVE-2019-6964

A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

CVSS 8.8 · AI score 8.7 · EPSS 0.00821
Exploits: 0 · References: 1

OSV
added 2019/06/20 2:15 p.m. · 10 views

CVE-2019-6964

A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

CVSS 8.8 · AI score 7.3
Exploits: 0 · References: 1

Cvelist
added 2019/06/20 1:50 p.m. · 10 views

CVE-2019-6964

A heap-based buffer over-read in ServiceSetParamStringValue in cosaxciscocomddnsdml.c of the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve information disclosure and code execution by crafting an AJAX call responsible for DDNS configuration with an...

AI score 8.7 · EPSS 0.00821
Exploits: 0 · References: 1

CVE
added 2019/06/20 1:47 p.m. · 86 views

CVE-2019-6963

A heap-based buffer overflow exists in cosa_dhcpv4_dml.c of the RDK RDKB-20181217-1 CcspPandM module. The issue could allow remote code execution when an attacker with login credentials crafts an oversized input in the Comment field of an IP reservation form in the admin panel, due to improper me...

CVSS 8.8 · AI score 9.1 · EPSS 0.02644
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2019/06/20 1:47 p.m. · 10 views

CVE-2019-6963

A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation form in the admin panel. This is related to the...

AI score 9.2 · EPSS 0.02644
Exploits: 0 · References: 1

CVE
added 2019/06/20 1:45 p.m. · 78 views

CVE-2019-6962

The CVE-2019-6962 issue affects the RDK B/CcspWifiAgent stack (RDKB-20181217-1) via the cosa_wifi_apis.c shell-injection path. If ENABLE_FEATURE_MESHWIFI is enabled, an attacker with login credentials can craft the Wi‑Fi network password to include escape characters, enabling arbitrary shell comm...

CVSS 8.5 · AI score 8 · EPSS 0.00323
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2019/06/20 1:45 p.m. · 12 views

CVE-2019-6962

A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 CcspWifiAgent module allows attackers with login credentials to execute arbitrary shell commands under the CcspWifiSsp process running as root if the platform was compiled with the ENABLE_FEATURE_MESHWIFI macro. The attack is...

AI score 8.1 · EPSS 0.00323
Exploits: 0 · References: 1

CVE
added 2019/06/20 1:43 p.m. · 70 views

CVE-2019-6961

CVE-2019-6961 concerns the RDK WebUI module (RDKB-20181217-1) where access control for non-superuser actions is only enforced for GET requests; direct AJAX/POST requests bypass filtering in header.php, allowing a logged-in user to alter privileged settings (DDNS, QoS, RIP, etc.). The vulnerabilit...

CVSS 6.5 · AI score 6.4 · EPSS 0.00212
Exploits: 0 · References: 1 · Affected Software: 1