CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11062 – D-Link DSL6740C - OS Command Injection
https://notcve.org/view.php?id=CVE-2024-11062
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet. • https://www.twcert.org.tw/en/cp-139-8228-1fbb0-2.html https://www.twcert.org.tw/tw/cp-132-8221-601c3-1.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9915 – D-Link DIR-619L B1 formVirtualServ buffer overflow
https://notcve.org/view.php?id=CVE-2024-9915
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formVirtualServ.md https://vuldb.com/?ctiid.280243 https://vuldb.com/?id.280243 https://vuldb.com/?submit.418747 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9914 – D-Link DIR-619L B1 formSetWizardSelectMode buffer overflow
https://notcve.org/view.php?id=CVE-2024-9914
A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. Affected is the function formSetWizardSelectMode of the file /goform/formSetWizardSelectMode. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formSetWizardSelectMode.md https://vuldb.com/?ctiid.280242 https://vuldb.com/?id.280242 https://vuldb.com/?submit.418746 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9913 – D-Link DIR-619L B1 formSetRoute buffer overflow
https://notcve.org/view.php?id=CVE-2024-9913
A vulnerability was found in D-Link DIR-619L B1 2.06. It has been rated as critical. This issue affects the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formSetRoute.md https://vuldb.com/?ctiid.280241 https://vuldb.com/?id.280241 https://vuldb.com/?submit.418745 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9912 – D-Link DIR-619L B1 formSetQoS buffer overflow
https://notcve.org/view.php?id=CVE-2024-9912
A vulnerability was found in D-Link DIR-619L B1 2.06. It has been declared as critical. This vulnerability affects the function formSetQoS of the file /goform/formSetQoS. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formSetQoS.md https://vuldb.com/?ctiid.280240 https://vuldb.com/?id.280240 https://vuldb.com/?submit.418743 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •