CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24351
https://notcve.org/view.php?id=CVE-2023-24351
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24352
https://notcve.org/view.php?id=CVE-2023-24352
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/03 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 91%CPEs: 2EXPL: 1CVE-2021-40655 – D-Link DIR-605 Router Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-40655
24 Sep 2021 — An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page Se presenta un problema de divulgación de información en D-LINK-DIR-605 B2 Firmware Versión : 2.01MT. Un atacante puede obtener un nombre de usuario y una contraseña al falsificar una petición de envío a la página / getcfg.php D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obta... • https://github.com/Ilovewomen/D-LINK-DIR-605 • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 46%CPEs: 4EXPL: 1CVE-2018-20056
https://notcve.org/view.php?id=CVE-2018-20056
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. Hay un desbordamiento de búfer basado en pila que permite que atacantes remotos ejecuten código arbitrario sin autenticación medi... • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20stack%20overflow.md • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 25%CPEs: 4EXPL: 1CVE-2018-20057
https://notcve.org/view.php?id=CVE-2018-20057
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. goform/formSysCmd permite que usuarios autenticados remotos ejecuten comandos arbitrarios del sistema operativo mediante el parámetro POST sysCmd. • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20command%20execution.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 20%CPEs: 2EXPL: 2CVE-2017-9675 – D-Link DIR-605L < 2.08 - Denial of Service
https://notcve.org/view.php?id=CVE-2017-9675
15 Jun 2017 — On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot. En dispositivos D-Link DIR-605L, el firmware en versiones anteriores a la 2.08UIBetaB01.bin permite que una petición GET desencadene un reinicio. D-Link DIR605L versions 2.08 and below suffer from a denial of service vulnerability via a simple HTTP GET. • https://packetstorm.news/files/id/145011 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 94%CPEs: 62EXPL: 2CVE-2014-8361 – Realtek SDK Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2014-8361
24 Apr 2015 — The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar código arbitrario a través de una solicitud NewInternalClient manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific... • https://packetstorm.news/files/id/132090 •