4 matches found
VulnCheck KEV: CVE-2024-51977
An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...
CVE-2023-50208
D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw...
PT-2023-7951 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. The specific flaw exists within the HTTP service listening on TC...
PT-2023-8009 · D Link · D-Link G416
Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: The issue is related to the cfgsave backusb function of the D-Link G416 router's firmware, which does not properly neutralize special elements used in an operating system command. This...