28 matches found
The vulnerability of the SetNetworkTomographySettings module in the microprogramming software for D-Link DIR-822+ allows a hacker to execute arbitrary code.
The vulnerability of the SetNetworkTomographySettings module in the microprogramming software of D-Link DIR-822+ routers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2023-24142
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingSize parameter in the setNetworkDiag function...
CVE-2023-24140
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagPingNum parameter in the setNetworkDiag function...
TOTOLINK CA300-PoE 命令注入漏洞
The TOTOLINK CA300-PoE is a wireless access point from China Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK CA300-PoE version V6.2c.884, which is caused by a command injection issue in the NetDiagPingNum parameter of the setNetworkDiag method...
CVE-2022-48107
D-Link DIR878FW1.30B08 was discovered to contain a command injection vulnerability via the component /setnetworksettings/IPAddress. This vulnerability allows attackers to escalate privileges to root via a crafted payload...
D-Link DIR-878 操作系统命令注入漏洞
The D-Link DIR-878 is a wireless router from China-based AUO D-Link. The D-Link DIR-878 DIR878FW1.30B08 firmware version suffers from an operating system command injection vulnerability that stems from its /SetNetworkSettings/SubnetMask component that allows attackers to achieve command injection...
The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-link DIR-823G routers allows a hacker to execute arbitrary commands.
The vulnerability of the SetNetworkTomographySettings function implementation in D-link DIR-823G router microprogramming software is related to insufficient cleaning of input data used in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...
UBUNTU-CVE-2016-4477
wpasupplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service daemon outage, via a crafted 1 SET, 2 SETCRED, or 3 SETNETWORK command...