Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•17 views

PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•19 views

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•17 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•16 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•19 views

PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•12 views

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•19 views

Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Visualware MyConnection Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doRTAAccessUPass method. The issue results from an exposed...

7.5CVSS6.3AI score0.0094EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•19 views

PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•32 views

PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6AI score0.00415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•21 views

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•23 views

PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6.8AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•18 views

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS6.9AI score0.00345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•24 views

PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•16 views

PDF-XChange Editor PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.00439EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•16 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•14 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•18 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•12 views

Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS6.8AI score0.00351EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•12 views

PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•21 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•23 views

PDF-XChange Editor JPG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.00439EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•25 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/08 12:0 a.m.•16 views

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS6.9AI score0.00352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•26 views

D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•28 views

D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•26 views

D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS1 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•25 views

D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•23 views

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

7.5CVSS7.3AI score0.00759EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•28 views

D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•24 views

D-Link DAP-1325 SetTriggerAPValidate Key Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•28 views

D-Link DAP-1325 SetHostIPv6StaticSettings StaticDefaultGateway Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•25 views

D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS2 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•18 views

D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•20 views

D-Link DAP-1325 HNAP SetAPLanSettings DeviceName Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•37 views

Synology RT6600ax info.cgi Exposure of Sensitive Data Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Synology RT6600ax routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the info.cgi file. The issue results from the exposure of sensitive da...

5.3CVSS6.1AI score0.00687EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•27 views

D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•22 views

D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•25 views

D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•30 views

D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

7.1CVSS7.3AI score0.00584EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•20 views

D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticPrefixLength Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•23 views

D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•21 views

D-Link DAP-1325 SetAPLanSettings SecondaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•23 views

D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•20 views

D-Link DAP-1325 HNAP SetAPLanSettings IPAddr Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•15 views

D-Link DAP-1325 SetHostIPv6StaticSettings StaticAddress Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•18 views

D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticAddress Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•23 views

D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the HNAP1 SOAP endpoin...

8.8CVSS7.3AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•25 views

D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

8.8CVSS7.3AI score0.00846EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•24 views

D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•23 views

D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issu...

8.8CVSS7.3AI score0.00855EPSS
Exploits0References1
Total number of security vulnerabilities16763