CVE-2022-37130

In D-Link DIR-816 A2v1.10CNB04, DIR-878 DIR878FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability...

Command injection

In D-Link DIR-816 A2v1.10CNB04, DIR-878 DIR878FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability...

D-Link DIR-816 操作系统命令注入漏洞

The D-Link DIR-816 is a wireless router from China's AUO D-Link. The D-Link DIR-816 A2v1.10CNB04.img suffers from an operating system command injection vulnerability that stems from being susceptible to command injection via /goform/Diagnosis, where setnum is spliced and then executed after the...

karchive/karchive_fuzzer: Use-of-uninitialized-value in QByteArray::setNum

Project: git://anongit.kde.org/karchive Detailed report: https://oss-fuzz.com/testcase?key=5649136667328512 Project: karchive Fuzzer: libFuzzerkarchivefuzzer Fuzz target binary: karchivefuzzer Job Type: libfuzzermsankarchive Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...