CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45577
https://notcve.org/view.php?id=CVE-2023-45577
Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wanid parameter of the H5/speedlimit.data function. Vulnerabilidad de desbordamiento de pila en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro wanid de la función H5/speedlimit.data. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug9.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45578
https://notcve.org/view.php?id=CVE-2023-45578
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the pap_en/chap_en parameter of the pppoe_base.asp function. Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro pap_en/chap_en de la función pppoe_base.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug4.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45579
https://notcve.org/view.php?id=CVE-2023-45579
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip/type parameter of the jingx.asp function. Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro ip/type de la función jingx.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug8.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45580
https://notcve.org/view.php?id=CVE-2023-45580
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx and other parameters of the ddns.asp function Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través de wild/mx y otros parámetros de la función ddns.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug6.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-43196
https://notcve.org/view.php?id=CVE-2023-43196
D-Link DI-7200GV2.E1 v21.04.09E1 was discovered to contain a stack overflow via the zn_jb parameter in the arp_sys.asp function. Se descubrió que D-Link DI-7200GV2.E1 v21.04.09E1 contenía un desbordamiento de memoria a través del parámetro zn_jb en la función arp_sys.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7200GV2/bug4.md • CWE-787: Out-of-bounds Write •