Lucene search
K

306 matches found

Vulnrichment
Vulnrichment
added 2024/05/03 2:15 a.m.17 views

CVE-2023-51623 D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

6.8CVSS7.8AI score0.01126EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:15 a.m.68 views

CVE-2023-51618

CVE-2023-51618 affects D-Link DIR-X3260. The flaw is a stack-based buffer overflow in prog.cgi handling HNAP requests on lighttpd (ports 80/443). It arises from improper validation of a user-supplied string copied into a fixed-length buffer, enabling remote code execution with root privileges. At...

6.8CVSS7.2AI score0.01126EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 2:15 a.m.36 views

CVE-2023-51614 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

6.8CVSS7.3AI score0.01126EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:15 a.m.24 views

CVE-2023-51615 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this...

6.8CVSS7.8AI score0.01126EPSS
Exploits0References2
NVD
NVD
added 2024/05/03 2:15 a.m.33 views

CVE-2023-34275

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the...

8CVSS7.2AI score0.0176EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:15 a.m.58 views

CVE-2023-51595

Vulnerability (CVE-2023-51595) : Voltronic Power ViewPower Pro is affected by a SQL injection in the selectDeviceListBy method. The flaw stems from insufficient validation of a user-supplied string used to build SQL queries, allowing an attacker to execute arbitrary code in the context of LOCAL S...

9.8CVSS9.9AI score0.48168EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 2:15 a.m.10 views

CVE-2023-51586 Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability

Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...

9.8CVSS8.6AI score0.01331EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:14 a.m.71 views

CVE-2023-50232

CVE-2023-50232 exposes a remote code execution in Inductive Automation Ignition via a getParams argument injection. The flaw stems from insufficient validation of a user-supplied string used to form a system-call argument, allowing code execution in the context of the current user. Exploitation r...

8.8CVSS9AI score0.01386EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:14 a.m.65 views

CVE-2023-50215

CVE-2023-50215 – D-Link G416 : A vulnerability in the HTTP service listening on port 80 on D-Link G416 routers allows remote code execution as root due to improper validation of a user-supplied string before using it in a system call. This enables network-adjacent attackers (no authentication req...

8.8CVSS9.1AI score0.00946EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:14 a.m.64 views

CVE-2023-50204

CVE-2023-50204 describes a command-injection remote code execution in the D-Link G416 wireless router. The flaw resides in the HTTP service (TCP port 80) and stems from insufficient validation of a user-supplied string used to perform a system call, allowing network-adjacent attackers to execute ...

8.8CVSS9.1AI score0.00946EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:14 a.m.78 views

CVE-2023-50198

The CVE-2023-50198 issue affects the D-Link G416 wireless router. A command-injection vulnerability in the HTTP service (port 80) allows network-adjacent attackers to inject commands and execute code with root privileges due to insufficient validation of user-supplied input before a system call. ...

8.8CVSS9.1AI score0.01187EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 2:13 a.m.25 views

CVE-2023-42122 Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability

Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Control Web Panel. An attacker must first obtain the ability to execute low-privileged code on the target system in...

7.8CVSS8.2AI score0.00712EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 2:13 a.m.16 views

CVE-2023-42120 Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability

Control Web Panel dnszoneeditor Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS8.2AI score0.02126EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 2:12 a.m.21 views

CVE-2023-41221 D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...

6.8CVSS7.8AI score0.00705EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:12 a.m.22 views

CVE-2023-41223 D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this...

6.8CVSS7.8AI score0.00705EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 2:12 a.m.21 views

CVE-2023-41218 D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability...

6.8CVSS7.8AI score0.00705EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 2:12 a.m.73 views

CVE-2023-41217

CVE-2023-41217 affects D-Link DIR-3040 routers. The vulnerability resides in the prog.cgi handling of HNAP requests to the lighttpd webserver on ports 80/443, where unsafely copied user input into a fixed-length stack buffer leads to a stack-based buffer overflow . This permits remote code execut...

7.1CVSS7.5AI score0.00584EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 2:11 a.m.94 views

CVE-2023-41198

CVE-2023-41198 impacts the D-Link DAP-1325 router. The flaw is in the HNAP1 endpoint under the function SetHostIPv6StaticSettings, specifically the StaticDNS1 parameter. Lack of validation of a user-supplied string leads to command injection and remote code execution with root privileges. Attack ...

8.8CVSS9.1AI score0.01187EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/05/03 1:57 a.m.90 views

CVE-2023-34278

CVE-2023-34278 concerns the D-Link DIR-2150 router. The vulnerability lies in the SOAP API interface (listening on port 80) where a user-supplied string is not properly validated before being used in a system call, allowing a network-adjacent attacker to execute code with root privileges. Authent...

8CVSS7.3AI score0.0176EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 1:57 a.m.19 views

CVE-2023-34275 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability

D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the...

6.8CVSS8.1AI score0.0176EPSS
Exploits0References1
Rows per page
Query Builder