Lucene search
K

176 matches found

Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.16 views

PT-2025-47527

Name of the Vulnerable Software and Affected Versions D-Link Router DIR-868L version FW106KRb01 Description The D-Link Router DIR-868L version FW106KRb01 contains a remote code execution issue in the cgibin binary. The HNAP service within cgibin does not properly filter the HTTP SOAPAction header...

7.5CVSS8AI score0.06544EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2025/11/19 12:0 a.m.4 views

CVE-2025-63932

D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command...

8.1AI score0.06544EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-7098

Malware in sbrugna...

6.8CVSS6.4AI score0.00728EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-21474

Malware in sbrugna...

8.8CVSS8.8AI score0.02333EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-1498

Malware in sbrugna...

7.8CVSS6.3AI score0.01849EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21475

Malware in sbrugna...

8.8CVSS8.8AI score0.02333EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-3093

Malware in sbrugna...

9.8CVSS9.5AI score0.01532EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-39722

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01467EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-46626

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01006EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-41281

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.00475EPSS
Exploits0References1
OSV
OSV
added 2025/09/22 4:15 a.m.7 views

CVE-2025-10779

A vulnerability was found in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub402280 of the file /HNAP1/. The manipulation of the argument HNAPAUTH/SOAPAction results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and...

9.8CVSS6.2AI score0.00815EPSS
Exploits1References7
CVE
CVE
added 2025/09/22 3:2 a.m.43 views

CVE-2025-10779

CVE-2025-10779 concerns the D-Link DCS-935L router (firmware up to 1.13.01). The vulnerability occurs in the HNAP1/ file, in the function sub_402280, where manipulating the HNAP_AUTH/SOAPAction argument enables a stack-based buffer overflow. The issue is exploitable remotely and, per sources, the...

9.8CVSS8.9AI score0.00815EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 7:52 p.m.5 views

CVE-2021-34828

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...

8.8CVSS7.2AI score0.02333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:52 p.m.9 views

CVE-2021-34827

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...

8.8CVSS7.2AI score0.02333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 12:35 a.m.19 views

CVE-2024-54807

In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...

9.8CVSS7.8AI score0.02275EPSS
Exploits1References1
NVD
NVD
added 2025/03/31 9:15 p.m.20 views

CVE-2024-54807

In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...

9.8CVSS0.02275EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:0 a.m.10 views

CVE-2024-54807

In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...

7.8AI score0.02275EPSS
Exploits1References1
OSV
OSV
added 2025/03/17 4:15 a.m.6 views

CVE-2025-2359

A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B0520181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack...

9.8CVSS5.5AI score0.14005EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.199 views

Netgear R6700v3 Unauthenticated LAN Admin Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R6700v3 Unauthenticated LAN Admin Password Reset', 'Description' = %q This module targets ZDI-20-704 aka CVE-2020-10924, a buffer overflo...

8.8CVSS7AI score0.87343EPSS
Exploits2
OSV
OSV
added 2024/05/03 2:15 a.m.4 views

CVE-2023-35723

D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS6.2AI score0.01467EPSS
Exploits0References2
Rows per page
Query Builder