CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-19319
https://notcve.org/view.php?id=CVE-2020-19319
11 Sep 2023 — Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login. Vulnerabilidad de desbordamiento de búfer en DLINK 619L versión B 2.06beta a través del parámetro FILECODE al iniciar sesión. • https://github.com/hhhhu8045759/dir_619l-buffer-overflow • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-19320
https://notcve.org/view.php?id=CVE-2020-19320
11 Sep 2023 — Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login. Vulnerabilidad de desbordamiento de búfer en DLINK 619L versión B 2.06beta a través del parámetro curTime al iniciar sesión. • https://github.com/hhhhu8045759/dlink-619l-buffer_overflow • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-19323
https://notcve.org/view.php?id=CVE-2020-19323
11 Sep 2023 — An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required Se descubrió un problema en /bin/mini_upnpd en dispositivos D-Link DIR-619L 2.06beta. Hay un desbordamiento del búfer que permite a atacantes remotos reiniciar el router a través del parámetro ST de solicitud de búsqueda M. No se requiere autenticación • https://github.com/hhhhu8045759/619L_upnpd_heapoverflow • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 33%CPEs: 2EXPL: 1CVE-2023-37791
https://notcve.org/view.php?id=CVE-2023-37791
17 Jul 2023 — D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. • https://github.com/naihsin/IoT/tree/main/D-Link/DIR-619L/overflow • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 46%CPEs: 4EXPL: 1CVE-2018-20056
https://notcve.org/view.php?id=CVE-2018-20056
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. Hay un desbordamiento de búfer basado en pila que permite que atacantes remotos ejecuten código arbitrario sin autenticación medi... • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20stack%20overflow.md • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 25%CPEs: 4EXPL: 1CVE-2018-20057
https://notcve.org/view.php?id=CVE-2018-20057
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. goform/formSysCmd permite que usuarios autenticados remotos ejecuten comandos arbitrarios del sistema operativo mediante el parámetro POST sysCmd. • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20command%20execution.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 94%CPEs: 62EXPL: 2CVE-2014-8361 – Realtek SDK Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2014-8361
24 Apr 2015 — The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar código arbitrario a través de una solicitud NewInternalClient manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific... • https://packetstorm.news/files/id/132090 •