Lucene search
K

746 matches found

Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.20 views

D-Link DAP-2622 DDP Set IPv6 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.25 views

D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00872EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.18 views

D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.21 views

D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.20 views

D-Link DAP-2622 DDP Set AG Profile Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.24 views

D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.16 views

D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.02447EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.23 views

D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS6.9AI score0.00605EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.24 views

D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.28 views

D-Link DAP-2622 DDP Change ID Password New Username Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/25 12:0 a.m.18 views

D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of proper validation ...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/24 12:0 a.m.24 views

HP Color LaserJet Pro M479fdw cacheddata_http_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cacheddatahttphandler method. The issue results fro...

8.8CVSS7.3AI score0.01486EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/24 12:0 a.m.22 views

(Pwn2Own) HP Color LaserJet Pro M479fdw msws Probe Message Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Probe messages. The issue results from...

8.8CVSS7.3AI score0.00892EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/24 12:0 a.m.161 views

(Pwn2Own) HP Color LaserJet Pro M479fdw slangapp PATH_INFO Stack-based Buffer Overflow Remote Code Execution

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the slangapp binary. When parsing the value of the pass...

8.8CVSS7.4AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.5 views

PT-2023-4930 · D Link · D-Link Dap-2622

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2622 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. The specific flaw exists within the DDP service, resulti...

8.8CVSS7.3AI score0.00872EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2023/08/22 12:0 a.m.21 views

NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DHCP server. The issue results from the lack of proper validation of...

8.8CVSS7.3AI score0.01097EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/22 12:0 a.m.24 views

NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the telnet C...

8CVSS7.4AI score0.00722EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/08/21 12:0 a.m.44 views

SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.5AI score0.42911EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/08/16 12:0 a.m.6 views

The vulnerability of the GTWWebMonitorService function in the CADA-system’s SCADA Data Gateway allows a intruder to execute arbitrary code.

The vulnerability of the GTWWebMonitorService function in the CADA-system’s SCADA Data Gateway SDG is related to the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the root context...

8.3CVSS7.5AI score0.01577EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/08/16 12:0 a.m.9 views

The vulnerability of the SCADA system SCADA Data Gateway (SDG) arises from incorrect restrictions on the name of the path to the restricted access catalog. This allows a intruder to execute arbitrary code.

The vulnerability of the SCADA system SCADA Data Gateway SDG is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to execute any code in the root context remotely...

8.3CVSS7.3AI score0.02854EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder