8 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

D-LINK DIR-859 A1 1.05 and A1 1.06B01 Beta01 was discovered to contain a command injection vulnerability via the lxmldbc_system function at /htdocs/cgibin. Se descubrió que D-LINK DIR-859 A1 1.05 y A1 1.06B01 Beta01 contiene una vulnerabilidad de inyección de comandos a través de la función lxmldbc_system en /htdocs/cgibin. • http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-859 https://github.com/mmmmmx1/dlink/blob/main/dir-859/readme.md https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1

D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgi_main function. • https://github.com/Insight8991/iot/blob/main/dir859%20Command%20Execution%20Vulnerability.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1

D-Link DIR-859 v1.05 was discovered to contain a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted payload. Se ha detectado que D-Link DIR-859 versión v1.05, contiene un desbordamiento de búfer en la versión stack de la memoria por medio de la función genacgi_main. Esta vulnerabilidad permite a atacantes causar una denegación de servicio (DoS) por medio de una carga útil diseñada • https://github.com/chunklhit/cve/blob/master/dlink/DIR859/BufferOverflow.md https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10267 https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. Los dispositivos D-Link DIR-859 versiones 1.05 y 1.06B01 Beta01, permiten a atacantes remotos ejecutar comandos arbitrarios del Sistema Operativo por medio de la urn: en el método M-SEARCH en la función ssdpcgi() en el archivo /htdocs/cgibin, porque SERVER_ID se maneja inapropiadamente. El valor de la urn: service/device es verificado con la función strstr, lo que permite a un atacante concatenar comandos arbitrarios separados por metacaracteres de shell. • https://medium.com/%40s1kr10s/d-link-dir-859-rce-unauthenticated-cve-2019-20216-cve-2019-20217-en-6bca043500ae https://medium.com/%40s1kr10s/d-link-dir-859-rce-unauthenticated-cve-2019-20216-cve-2019-20217-es-e11ca6168d35 https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. Los dispositivos D-Link DIR-859 versiones 1.05 y 1.06B01 Beta01, permiten a atacantes remotos ejecutar comandos arbitrarios del Sistema Operativo por medio de la urn: en el método M-SEARCH en la función ssdpcgi() en el archivo /htdocs/cgibin, porque REMOTE_PORT se maneja inapropiadamente. El valor de la urn: service/device es verificado con la función strstr, lo que permite a un atacante concatenar comandos arbitrarios separados por metacaracteres de shell. • https://medium.com/%40s1kr10s/d-link-dir-859-rce-unauthenticated-cve-2019-20216-cve-2019-20217-en-6bca043500ae https://medium.com/%40s1kr10s/d-link-dir-859-rce-unauthenticated-cve-2019-20216-cve-2019-20217-es-e11ca6168d35 https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10147 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •