CVE-2023-37331

Kofax Power PDF GIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-51621

CVE-2023-51621 affects the D-Link DIR-X3260, specifically the prog.cgi SetDeviceSettings handler used by the lighttpd webserver. The vulnerability is a stack-based buffer overflow in a user-supplied string copy to a fixed-size buffer when processing HNAP requests on ports 80/443, allowing an atta...

CVE-2023-51620

The CVE-2023-51620 entry concerns D-Link DIR-X3260 routers, where the flaw is in the prog.cgi handling HNAP requests on the lighttpd webserver. The vulnerability is a stack-based buffer overflow in SetIPv6PppoeSettings, triggered by insufficient validation of a user-supplied string copied into a ...

CVE-2023-37324

D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-51620 D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

CVE-2023-37324

D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37317

D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-51619 D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

CVE-2023-51618

CVE-2023-51618 affects D-Link DIR-X3260. The flaw is a stack-based buffer overflow in prog.cgi handling HNAP requests on lighttpd (ports 80/443). It arises from improper validation of a user-supplied string copied into a fixed-length buffer, enabling remote code execution with root privileges. At...

CVE-2023-51618 D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

CVE-2023-37315

D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37312

D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-37311

D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-35747

D-Link DAP-2622 DDP Firmware Upgrade Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-35753

D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerabilit...

CVE-2023-35751

D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

CVE-2023-51614

The CVE-2023-51614 entry concerns D-Link DIR-X3260 routers. A flaw in the prog.cgi function handling HNAP requests on the lighttpd webserver (ports 80/443) allows a stack-based buffer overflow via an unsafely copied user-supplied string in SetQuickVPNSettings Password, enabling remote code execut...

CVE-2023-51615 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

CVE-2023-35744

D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to...

CVE-2023-51614 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...