
CVE-2023-24330
https://notcve.org/view.php?id=CVE-2023-24330
21 Feb 2024 — Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via a crafted POST request to /HNAP1/. • https://github.com/caoyebo/CVE/tree/main/dlink%20882%20-%20CVE-2023-24330 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2023-24331
https://notcve.org/view.php?id=CVE-2023-24331
21 Feb 2024 — Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter. • https://github.com/caoyebo/CVE/tree/main/Dlink%20816%20-%20CVE-2023-24331 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2023-51613 – D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51613
11 Jan 2024 — D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a us... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51614 – D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51614
11 Jan 2024 — D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation ... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51616 – D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51616
11 Jan 2024 — D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51623 – D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51623
11 Jan 2024 — D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10365 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51624 – D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51624
11 Jan 2024 — D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Authorization header by the RTSP server, which listens on TCP port 554. The issue results from the lack of proper validation of the le... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51626 – D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51626
11 Jan 2024 — D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Authorization header by the RTSP server, which listens on TCP port 554. The issue results from the lack of proper validation of the... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51627 – D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51627
11 Jan 2024 — D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the parsing of Duration XML elements. The issue results from the lack of proper validation of the length of user-suppl... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370 • CWE-121: Stack-based Buffer Overflow •

CVE-2023-51628 – D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-51628
11 Jan 2024 — D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DCS-8300LHV2 IP cameras. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the SetHostName ONVIF call. The issue results from the lack of proper validation of the length of u... • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10370 • CWE-121: Stack-based Buffer Overflow •