CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2018-10750
https://notcve.org/view.php?id=CVE-2018-10750
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'staticGet <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. Se ha descubierto un problema en dispositivos D-Link DSL-3782 EU 1.01. Un usuario autenticado puede pasar un búfer largo como parámetro "staticGet" al binario "/userfs/bin/tcapi" (en el componente Diagnosis) mediante la función "staticGet <node_name_attr>" y provocar la corrupción de la memoria. • https://github.com/kgsdy/D-Link-DSL-3782-EU/blob/master/staticGet.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-10747
https://notcve.org/view.php?id=CVE-2018-10747
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'unset <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. Se ha descubierto un problema en dispositivos D-Link DSL-3782 EU 1.01. Un usuario autenticado puede pasar un búfer largo como parámetro "unset" al binario "/userfs/bin/tcapi" (en el componente Diagnosis) mediante la función "unset <node_name>" y provocar la corrupción de la memoria. • https://github.com/kgsdy/D-Link-DSL-3782-EU/blob/master/unset.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-10748
https://notcve.org/view.php?id=CVE-2018-10748
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'show <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. Se ha descubierto un problema en dispositivos D-Link DSL-3782 EU 1.01. Un usuario autenticado puede pasar un búfer largo como parámetro "show" al binario "/userfs/bin/tcapi" (en el componente Diagnosis) mediante la función "show <node_name>" y provocar la corrupción de la memoria. • https://github.com/kgsdy/D-Link-DSL-3782-EU/blob/master/show.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-10749
https://notcve.org/view.php?id=CVE-2018-10749
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'commit <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. Se ha descubierto un problema en dispositivos D-Link DSL-3782 EU 1.01. Un usuario autenticado puede pasar un búfer largo como parámetro "commit" al binario "/userfs/bin/tcapi" (en el componente Diagnosis) mediante la función "commit <node_name>" y provocar la corrupción de la memoria. • https://github.com/kgsdy/D-Link-DSL-3782-EU/blob/master/commit.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-10746
https://notcve.org/view.php?id=CVE-2018-10746
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'get <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. Se ha descubierto un problema en dispositivos D-Link DSL-3782 EU 1.01. Un usuario autenticado puede pasar un búfer largo como parámetro "get" al binario "/userfs/bin/tcapi" (en el componente Diagnosis) mediante la función "get <node_name_attr>" y provocar la corrupción de la memoria. • https://github.com/kgsdy/D-Link-DSL-3782-EU/blob/master/get.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •