26 matches found
CVE-2021-27239
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...
EUVD-2022-29530
Malicious code in bioql PyPI...
D-Link DIR-619L /bin/mini_upnpd Buffer Overflow Vulnerability
D-Link DIR-619L is a home wireless router from AUO D-Link, designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from improper inpu...
D-Link DIR-619 缓冲区错误漏洞
D-Link DIR-619L is a home wireless router from AUO D-Link, designed for home and small office environments, utilizing the IEEE 802.11n wireless standard with a maximum transmission rate of 300Mbps. The D-Link DIR-619L suffers from a buffer overflow vulnerability that originates from improper inpu...
CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication...
CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication...
CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication...
CVE-2022-24655
CVE-2022-24655 is a reported stack overflow vulnerability in the upnpd service affecting Netgear EX6100v1 (firmware 201.0.2.28), CAX80 (2.1.2.6), and DC112A (1.0.0.62). The root cause is a stack overflow in upnpd, which may allow execution of arbitrary code without authentication. Affected produc...
CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication...
CVE-2021-35393
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a stack buffer overflow vulnerability that is present due ...
Realtek Jungle SDK 缓冲区错误漏洞
The Realtek Jungle SDK provides an HTTP web server that exposes a management interface that can be used to configure access points. A security vulnerability exists in the Realtek Jungle SDK, which stems from the fact that Realtek Jungle SDK versions v2.x through v3.4.14B provide a "WiFi Simple...
CVE-2021-27239
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...
CVE-2021-27239
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...
CVE-2021-27239
The CVE-2021-27239 issue affects NETGEAR R6400 and R6700 routers with firmware 1.0.4.98. The flaw resides in the upnpd service, which listens on UDP port 1900; a crafted MX header in an SSDP message can overflow a fixed-length stack-based buffer, allowing network-adjacent attackers to execute arb...
CVE-2021-27239
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 firmware version 1.0.4.98 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on...
CVE-2020-28373
upnpd on certain NETGEAR devices allows remote LAN attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.10210.0.75, R6400 V1.0.1.621.0.41, R7000P V1.3.2.12610.1.66, XR300 V1.0.3.5010.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST...
CVE-2020-28373
upnpd on certain NETGEAR devices allows remote LAN attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.10210.0.75, R6400 V1.0.1.621.0.41, R7000P V1.3.2.12610.1.66, XR300 V1.0.3.5010.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST...
Stack overflow
upnpd on certain NETGEAR devices allows remote LAN attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.10210.0.75, R6400 V1.0.1.621.0.41, R7000P V1.3.2.12610.1.66, XR300 V1.0.3.5010.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST...
CVE-2020-28373
upnpd on certain NETGEAR devices allows remote LAN attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.10210.0.75, R6400 V1.0.1.621.0.41, R7000P V1.3.2.12610.1.66, XR300 V1.0.3.5010.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST...
CVE-2020-28373
CVE-2020-28373 concerns NETGEAR devices where the upnpd service is vulnerable to a stack-based buffer overflow, enabling remote code execution from the LAN. Affected models include R6400v2 (v1.0.4.102_10.0.75) and R6400 (v1.0.1.62_1.0.41), R7000P (v1.3.2.126_10.1.66), XR300 (v1.0.3.50_10.3.36), R...