EUVD-2021-21508

Malware in sbrugna...

CVE-2021-34861

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webproc endpoint, which listens on TCP port 80 by defaul...

PT-2025-6916 · D Link · D-Link Dir-816

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 version 1.01TO Description: A vulnerability has been found in the D-Link DIR-816, affecting an unknown functionality of the file /cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G basic. The manipulation of...

CVE-2023-32144

D-Link DAP-1360 webproc COMMMakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...

CVE-2023-32144

D-Link DAP-1360 webproc COMMMakeCustomMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this...

CVE-2023-32146

D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...

CVE-2023-32139

D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-32137

D-Link DAP-1360 webproc WEBDisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerabilit...

CVE-2023-32140

D-Link DAP-1360 webproc var:sysToken Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...

CVE-2023-32142

D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-32142

D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-32138

D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific...

CVE-2023-32136

D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-32142 D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...

CVE-2023-32140

CVE-2023-32140 affects D-Link DAP-1360 via a heap-based buffer overflow in the webproc endpoint (/cgi-bin/webproc) when parsing var:sys_Token. The flaw allows network-adjacent attackers (no authentication) to execute code with root privileges. Impact is remote code execution with full device comp...

CVE-2023-32136

CVE-2023-32136 concerns D-Link DAP-1360 webproc var:menu stack-based buffer overflow leading to remote code execution. Affected component: the /cgi-bin/webproc endpoint handling of the var:menu parameter; root-level arbitrary code execution is possible without authentication. Exploitation details...

D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage...

D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing t...

The vulnerability of the microprogrammed software of D-Link DAP-2020 and DAP-1360 allows a intruder to execute arbitrary code.

The vulnerability of the microprogrammed software of D-Link’s DAP-2020 and DAP-1360 wireless access points is related to buffer overflow during the processing of the var:menu parameter at the webproc end point. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the COMM_MakeCustomMsg() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a hacker to execute arbitrary code.

The vulnerability of the COMMMakeCustomMsg function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to buffer overflows during the processing of the webproc endpoint. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...