176 matches found
PT-2025-47527
Name of the Vulnerable Software and Affected Versions D-Link Router DIR-868L version FW106KRb01 Description The D-Link Router DIR-868L version FW106KRb01 contains a remote code execution issue in the cgibin binary. The HNAP service within cgibin does not properly filter the HTTP SOAPAction header...
CVE-2025-63932
D-Link Router DIR-868L A1 FW106KRb01.bin has an unauthenticated remote code execution vulnerability in the cgibin binary. The HNAP service provided by cgibin does not filter the HTTP SOAPAction header field. The unauthenticated remote attacker can execute the shell command...
EUVD-2008-7098
Malware in sbrugna...
EUVD-2021-21474
Malware in sbrugna...
EUVD-2013-1498
Malware in sbrugna...
EUVD-2021-21475
Malware in sbrugna...
EUVD-2019-3093
Malware in sbrugna...
EUVD-2023-39722
Malicious code in bioql PyPI...
EUVD-2022-46626
Malicious code in bioql PyPI...
EUVD-2022-41281
Malicious code in bioql PyPI...
CVE-2025-10779
A vulnerability was found in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub402280 of the file /HNAP1/. The manipulation of the argument HNAPAUTH/SOAPAction results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and...
CVE-2025-10779
CVE-2025-10779 concerns the D-Link DCS-935L router (firmware up to 1.13.01). The vulnerability occurs in the HNAP1/ file, in the function sub_402280, where manipulating the HNAP_AUTH/SOAPAction argument enables a stack-based buffer overflow. The issue is exploitable remotely and, per sources, the...
CVE-2021-34828
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2021-34827
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...
CVE-2025-2359
A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B0520181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack...
Netgear R6700v3 Unauthenticated LAN Admin Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R6700v3 Unauthenticated LAN Admin Password Reset', 'Description' = %q This module targets ZDI-20-704 aka CVE-2020-10924, a buffer overflo...
CVE-2023-35723
D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The...