31 matches found
D-Link DIR-619L 安全漏洞
The D-Link DIR-619L is a wireless router designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. A stack overflow vulnerability exists in the D-Link DIR-619L /goform/formWlanGuestSetup, which stems from improperly...
D-Link DIR-816A2 安全漏洞
The D-Link DIR-816A2 is a router from China's AUO D-Link. The D-Link DIR-816A2 suffers from an Access Control Error vulnerability that stems from improper access control of the form2RepeaterSetup.cgi component, which can be exploited by an unauthenticated attacker to set up 2.4G and 5G relay...
CVE-2024-13104
A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch t...
CVE-2024-9532
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This vulnerability affects the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to buffer overflow. The attack can be initiated remotely. The...
Cross Site Scripting (XSS)
silverstripe/framework is vulnerable to Cross Site Scripting. The vulnerability is due to a lack of adminusername and adminpassword sanitation within the setup form...
GHSA-MQF5-275H-GF6R Silverstripe framework is vulnerable to XSS in install.php
During installation, certain parameters adminusername and adminpassword are not escaped in the setup form. This issue is resolved in 3.1.14 stable, although existing users are advised to remove this file prior to deploying to a production server...
Silverstripe framework is vulnerable to XSS in install.php
During installation, certain parameters adminusername and adminpassword are not escaped in the setup form. This issue is resolved in 3.1.14 stable, although existing users are advised to remove this file prior to deploying to a production server...
PT-2024-40380 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 3.1.14 Description: The issue arises during installation, where certain parameters admin username and admin password are not properly escaped in the setup form. Recommendations: For versions prior to 3.1.14, update...
PT-2024-3754 · D Link · D-Link Dir-619L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L Rev.B version 2.06B1 Description: A buffer overflow issue in the /bin/boa binary via the formWlanGuestSetup function allows remote authenticated users to trigger a denial of service DoS through the webpage parameter. This...
CVE-2023-51135
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formPasswordSetup...
CVE-2023-24344
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup...