562 matches found
CVE-2020-26561
Belkin LINKSYS WRT160NL 1.0.04.002US20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in createdir in minihttpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintai...
CVE-2020-26561
Belkin LINKSYS WRT160NL 1.0.04.002US20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in createdir in minihttpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintai...
CVE-2020-26561
Belkin LINKSYS WRT160NL devices (version 1.0.04.002_US_20130619) are affected by a stack-based buffer overflow in mini_httpd’s create_dir function caused by sprintf. Successful exploitation can lead to arbitrary code execution. The vulnerability affects products no longer supported by the maintai...
Denial Of Service (DoS)
kernel-rt is vulnerable to Denial of Service DoS. The attack exists because it uses unsafe sprintf in the Bluetooth implementation, creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten, allowing a local, unprivileged user to...
Denial Of Service (DoS)
The kernel packages is vulnerable to Denial of Service DoS. It is due to instances of unsafe sprintf use were found in the Linux kernel Bluetooth implementation. Creating a large number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary memory pages being overwritten. A local,...
CVE-2019-5178
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
CVE-2019-5180
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. An attacker can send specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an argument to...
CVE-2019-5181
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in co...
CVE-2019-5180
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is...
CVE-2019-5177
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...
CVE-2019-5169
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...
CVE-2019-5182
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...
CVE-2019-5174
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted...
Stack overflow
An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. An attacker can send a specially crafted packet to trigger the parsing of this cache file.The destination buffer sp+0x440 is...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. An attacker can send a specially crafted XML cache file At 0x1e8a8 the extracted domainname value from the xml file is used as an argument to...
Command injection
An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.0214. At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/editdnsserver %s dns-server-nr=%d dns-server-name= using...