CVE-2025-60672

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

CVE-2025-12239

TL;DR: CVE-2025-12239 affects TOTOLINK A3300R. The vulnerability lies in the setDdnsCfg function in /cgi-bin/cstecgi.cgi, where improper input length validation can cause a buffer overflow. Reported by multiple sources, it can be exploited remotely and may lead to arbitrary code execution or deni...

CVE-2023-51613

D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

D-Link DIR-882 缓冲区错误漏洞

The D-Link DIR-882 is a wireless router from China-based AUO D-Link. The D-Link DIR-882 DIR882A1FW130B06 suffers from a buffer error vulnerability that stems from the discovery of a contained stack overflow via the Password parameter in the SetDynamicDNSSettings module...