176 matches found
CVE-2021-34827
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2021-34828
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2021-34828
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2021-34828
CVE-2021-34828 affects D-Link DAP-1330 (firmware 1.13B01 BETA). The flaw is in handling of the SOAPAction HTTP header, caused by insufficient validation of the length of user-supplied data copied into a fixed-length buffer. This enables network-adjacent attackers with no authentication to execute...
CVE-2021-34827
CVE-2021-34827 affects D-Link DAP-1330 1.13B01 BETA routers. The issue is a stack-based buffer overflow in the handling of the SOAPAction HTTP header caused by improper validation of the length of user-supplied data, enabling network-adjacent attackers to execute arbitrary code in the device cont...
CVE-2021-34827
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
(0Day) D-Link DAP-1330 HNAP checkValidRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the...
(0Day) D-Link DAP-1330 lighttpd get_soap_action Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the...
CVE-2020-15631
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2020-15631
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2020-15631
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
(0Day) (Pwn2Own) NETGEAR R6700 UPnP SOAPAction Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPnP service, which listens on TCP port 5000. A crafted UPnP message...
CVE-2019-17146
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the...
CVE-2019-17146
The CVE covers a vulnerability in D-Link DCS-960L (v1.07.102) where the HNAP service on port 80 improperly validates the length of user-supplied data in SOAPAction headers, leading to a stack-based overflow and remote code execution as the admin user. Multiple sources (ZDI advisory ZDI-19-1031, N...
D-Link DCS-960L HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction...
NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd service crashing. An...
Oracle CTI Web Service - 'EBS_ASSET_HISTORY_OPERATIONS' XML Entity Injection
Exploit Title: Oracle CTI Web Service XML Entity Exp. Exploit Author: omurugur Author Web: https://www.justsecnow.com Author Social: @omurugurrr URL : http://server/EBSASSETHISTORYOPERATIONS As can be seen in the following request / response example, the xml entity expansion attack can be...