4 matches found
CVE-2022-43627
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2022-43627
CVE-2022-43627 affects D-Link DIR-1935 with firmware 1.03. The flaw: during SetStaticRouteIPv4Settings handling, parsing of StaticRouteIPv4Data does not validate a user-supplied string before a system call, enabling remote code execution with root privileges for network-adjacent attackers; authen...
CVE-2022-43627
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...