Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•30 views

SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenFile method. The issue results from the lack of proper validati...

9.8CVSS8.8AI score0.01145EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•37 views

SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the createGlobalServerChannelInternal method. The issue results from th...

9.8CVSS8.9AI score0.02376EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•49 views

SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenClientUpdateFile method. The issue results from the lack of...

9.8CVSS7.3AI score0.02968EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•25 views

NI Measurement & Automation Explorer Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Measurement & Automation Explorer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of response data from devices. The issue results from t...

8.1CVSS7.2AI score0.00623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•26 views

Siemens Tecnomatix Plant Simulation IGS File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00224EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•19 views

Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/18 12:0 a.m.•27 views

F5 BIG-IP OS unzip Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of F5 BIG-IP OS. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzip method. The issue results from the lack of proper validation of a user-supplied path...

8.8CVSS7.3AI score0.02375EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•28 views

Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•17 views

(Pwn2Own) Microsoft Teams Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

5CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•29 views

Microsoft Windows IsSurfaceLockable Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•32 views

Microsoft Windows UMPDDrvBitBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•33 views

Microsoft Windows UMPDDrvBitBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•16 views

Siemens Tecnomatix Plant Simulation PRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00246EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•37 views

Microsoft Windows bStretch Improper Input Validation Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS7AI score0.0784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•40 views

Microsoft Windows UMPDDrvCopyBits Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•39 views

Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•34 views

Microsoft Windows UMPDDrvStretchBltROP Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•24 views

Microsoft Windows UMPDDrvCopyBits Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•26 views

Adobe Bridge Font Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS5.9AI score0.00435EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•25 views

Microsoft Windows UMPDDrvStretchBltROP Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•27 views

Microsoft Windows DirectX GpuMmu Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of GP...

8.8CVSS7AI score0.05594EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•33 views

Microsoft Windows DEVLOCKBLTOBJ Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DEVLOCKBLTOBJ...

8.8CVSS7AI score0.00807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•25 views

(Pwn2Own) Microsoft Teams Incorrect Privilege Assignment Local Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability. The specific flaw exists within the processing of globa...

7.5CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•20 views

Siemens Tecnomatix Plant Simulation PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•32 views

Microsoft Windows UMPDDrvStretchBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•26 views

Microsoft Windows UMPDDrvStretchBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•19 views

Adobe Photoshop PSD File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD...

7.8CVSS6.8AI score0.00334EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•19 views

Siemens Tecnomatix Plant Simulation PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•22 views

Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS5.8AI score0.00396EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/06 12:0 a.m.•21 views

Microsoft Windows UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS7AI score0.01229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/06 12:0 a.m.•24 views

Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Magnet Forensics AXIOM. User interaction is required to exploit this vulnerability in that the target must acquire data from a malicious mobile device. The specific flaw exists within the...

8CVSS7.1AI score0.00757EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/06 12:0 a.m.•29 views

Microsoft Windows UMPDDrvLineTo Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS7AI score0.01229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/06 12:0 a.m.•20 views

Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS6.8AI score0.00399EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•18 views

Delta Electronics DIAEnergie HandlerUploadCarbon Use Of Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics DIAEnergie. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the HandlerUploadCarbon endpoint. The issue...

9.8CVSS9.5AI score0.01488EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•23 views

Delta Electronics DIAEnergie HandlerUploadTag Use Of Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics DIAEnergie. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the HandlerUploadTag endpoint. The issue resul...

9.8CVSS9.5AI score0.01488EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•37 views

Microsoft PC Manager SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on Microsoft PC Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to launch a supply-chain...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•22 views

Delta Electronics DIAEnergie HandlerUploadCalendar Use Of Hard-Coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics DIAEnergie. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the HandlerUploadCalendar endpoint. The issue...

9.8CVSS9.5AI score0.01488EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•43 views

Microsoft PC Manager SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on Microsoft PC Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to launch a supply-chain...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/05 12:0 a.m.•20 views

Ivanti Endpoint Manager ProcessEPMAuthToken Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ProcessEPMAuthToken method. The issue results from the lack of proper...

9.8CVSS7.4AI score0.03148EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•22 views

Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

7.8CVSS6.8AI score0.00345EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•27 views

(0Day) D-Link DIR-X3260 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within prog.cgi,...

8CVSS7.4AI score0.01114EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•24 views

A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability. The specific flaw exists within the ShowTechDownloadView class. The issue results from the lack of proper validation...

6.5CVSS6.2AI score0.02389EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•23 views

A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability

This vulnerability allows remote attackers to read and delete arbitrary files on affected installations of A10 Thunder ADC. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileMgmtExport class. The issue results from the lack of proper validation of a...

8.3CVSS6.6AI score0.02066EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•19 views

(0Day) D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. The specific flaw exists within the showUsers method. The issue results from the lack of proper authorization before accessing a...

8.8CVSS6.6AI score0.01452EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•32 views

(0Day) D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within prog.cgi,...

8CVSS7.4AI score0.01114EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•25 views

(0Day) D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.0075EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•31 views

(0Day) D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the CLI service, which listens on TCP port 23. The issue...

6.8CVSS7.4AI score0.00997EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•22 views

(0Day) D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.0075EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•28 views

(0Day) D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within prog.cgi,...

8CVSS7.4AI score0.01114EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/10/04 12:0 a.m.•23 views

(0Day) D-Link DIR-X3260 Prog.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

8.8CVSS7.3AI score0.00742EPSS
Exploits0
Total number of security vulnerabilities16763