746 matches found
CVE-2023-37326
CVE-2023-37326 affects D-Link DAP-2622 routers due to a stack-based buffer overflow in the DDP Set Wireless Info Password pathway. The flaw arises from improper validation of user-supplied data length before copying into a fixed-length stack buffer, enabling remote code execution with root privil...
CVE-2023-37323 D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability...
CVE-2023-37323
CVE-2023-37323 affects D-Link DAP-2622 via the DDP Set SSID List PSK stack-based buffer overflow in the DDP service. The flaw stems from missing validation of user-supplied data length before copying into a fixed-size stack buffer, enabling remote code execution with root privileges by network-ad...
CVE-2023-37322 D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37318
CVE-2023-37318 affects D-Link DAP-2622 routers via a stack-based buffer overflow in the DDP Set IPv6 Address/Assist DNS path. The root cause is insufficient validation of the length of user-supplied data copied into a fixed-length stack buffer, allowing network-adjacent attackers to execute arbit...
CVE-2023-37317 D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37316
CVE-2023-37316 affects D-Link DAP-2622 routers via the DDP service. The root cause is improper validation of user-supplied data length before copying to a fixed-size stack-based buffer, enabling a stack-based buffer overflow that allows remote code execution with root privileges. The vulnerabilit...
CVE-2023-37315
CVE-2023-37315 affects D-Link DAP-2622 routers. The DDP Set IPv6 Address Authentication Password vulnerability stems from improper validation of user-supplied data length copied into a fixed-length stack buffer, enabling remote code execution as root. Exploitation appears possible over a network-...
CVE-2023-37315 D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37313 D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37312 D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37312
The CVE-2023-37312 entry concerns the D-Link DAP-2622 DDP Set Device Info Device Name vulnerability. The root cause is a stack-based buffer overflow in the DDP service due to improper validation of the length of user-supplied data before copying to a fixed-size stack buffer. This allows network-a...
CVE-2023-37310 D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-37310 D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35755 D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35754 D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35753
CVE-2023-35753 concerns D-Link DAP-2622. The DDP Set AG profile UUID component has a stack-based buffer overflow due to improper validation of user-supplied data length, enabling remote code execution with root privileges on routers. The vulnerability is exploitable by network-adjacent attackers ...
CVE-2023-35753 D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerabilit...
CVE-2023-35751 D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35751
Affected product: D-Link DAP-2622 (DDP service). Vulnerability: Stack-based buffer overflow caused by improper validation of the length of user-supplied data prior to copying it into a fixed-length stack buffer, leading to remote code execution in the context of root. Impact/conditions: Remote co...