CVE-2023-44839
https://notcve.org/view.php?id=CVE-2023-44839
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Encryption parameter in the SetWLanRadioSecurity function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
• https://github.com/bugfinder0/public_bug/tree/main/dlink/dir823g/SetWLanRadioSecurity_Encryption
• https://www.dlink.com/en/security-bulletin
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43284
https://notcve.org/view.php?id=CVE-2023-43284
D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter.
• https://github.com/MateusTesser/CVE-2023-43284
• https://youtu.be/Y8osw_xU6-0
CVE-2023-5322 – D-Link DAR-7000 edit_manageadmin.php SQL injection
https://notcve.org/view.php?id=CVE-2023-5322
A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/edit_manageadmin.php. The manipulation of the argument id leads to SQL injection. The attack may be launched remotely.
• https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000%E5%AD%98%E5%9C%A8sql%E6%B3%A8%E5%85%A5:sysmanage:edit_manageadmin.php.md
• https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354
• https://vuldb.com/?ctiid.240992
• https://vuldb.com/?id.240992
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2023-43860
https://notcve.org/view.php?id=CVE-2023-43860
D-Link DIR-619L B1 2.02 is vulnerable to a buffer overflow via the formSetWanNonLogin function.
• https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md
• https://www.dlink.com/en/security-bulletin
• CWE-787: Out-of-bounds Write
CVE-2023-43861
https://notcve.org/view.php?id=CVE-2023-43861
D-Link DIR-619L B1 2.02 is vulnerable to a buffer overflow via the formSetWanPPPoE function.
• https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md
• https://www.dlink.com/en/security-bulletin
• CWE-787: Out-of-bounds Write