CVSS: 10.0EPSS: 94%CPEs: 62EXPL: 2CVE-2014-8361 – Realtek SDK Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2014-8361
24 Apr 2015 — The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar código arbitrario a través de una solicitud NewInternalClient manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific... • https://packetstorm.news/files/id/132090 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2009-4821
https://notcve.org/view.php?id=CVE-2009-4821
27 Apr 2010 — The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors. El D-Link DIR-615 con firmware 3.10NA no requiere autenticación de administrador para apply.cgi, lo que permite a atacantes remotos (1) cambiar la contraseña de administrador a ... • http://secunia.com/advisories/37777 • CWE-287: Improper Authentication •