15 matches found
EUVD-2022-46621
Malicious code in bioql PyPI...
CVE-2022-43625
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43625
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43627
CVE-2022-43627 affects D-Link DIR-1935 with firmware 1.03. The flaw: during SetStaticRouteIPv4Settings handling, parsing of StaticRouteIPv4Data does not validate a user-supplied string before a system call, enabling remote code execution with root privileges for network-adjacent attackers; authen...
CVE-2022-43625
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43627
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
The vulnerability of the SetStaticRouteIPv4Settings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the SetStaticRouteIPv4Settings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the copying of buffers without checking the size of the input data when processing the NetMask element. Exploiting this vulnerability could...
The vulnerability of the SetStaticRouteIPv4Settings() function in the web interface for managing D-Link DIR-1935 router microprogramming software allows a hacker to execute arbitrary code.
The vulnerability of the SetStaticRouteIPv4Settings function in the web interface for managing D-Link DIR-1935 router microprogramming software is related to the failure of the system to properly validate the input data entered by the user when processing the StaticRouteIPv4Data element. Exploiti...
D-Link DIR-1935 SetStaticRouteIPv4Settings StaticRouteIPv4Data Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
D-Link DIR-1935 SetStaticRouteIPv4Settings NetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
The vulnerability of the SetStaticRouteIPv4Settings() function in D-Link’s micro-programmed router software allows a hacker to execute arbitrary code.
The vulnerability of the SetStaticRouteIPv4Settings function in D-Link’s microprogrammed router software is related to insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Command injection
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...
CVE-2019-8319
An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST...