4 matches found
CVE-2019-17146
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the...
Stack overflow
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the...
CVE-2019-17146
The CVE covers a vulnerability in D-Link DCS-960L (v1.07.102) where the HNAP service on port 80 improperly validates the length of user-supplied data in SOAPAction headers, leading to a stack-based overflow and remote code execution as the admin user. Multiple sources (ZDI advisory ZDI-19-1031, N...
CVE-2019-17146
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the...