CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24347
https://notcve.org/view.php?id=CVE-2023-24347
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24348
https://notcve.org/view.php?id=CVE-2023-24348
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24349
https://notcve.org/view.php?id=CVE-2023-24349
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/04 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24350
https://notcve.org/view.php?id=CVE-2023-24350
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/03 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-24351
https://notcve.org/view.php?id=CVE-2023-24351
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24352
https://notcve.org/view.php?id=CVE-2023-24352
10 Feb 2023 — D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. • https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/03 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 91%CPEs: 2EXPL: 1CVE-2021-40655 – D-Link DIR-605 Router Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-40655
24 Sep 2021 — An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page Se presenta un problema de divulgación de información en D-LINK-DIR-605 B2 Firmware Versión : 2.01MT. Un atacante puede obtener un nombre de usuario y una contraseña al falsificar una petición de envío a la página / getcfg.php D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obta... • https://github.com/Ilovewomen/D-LINK-DIR-605 • CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 46%CPEs: 4EXPL: 1CVE-2018-20056
https://notcve.org/view.php?id=CVE-2018-20056
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. There is a stack-based buffer overflow allowing remote attackers to execute arbitrary code without authentication via the goform/formLanguageChange currTime parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. Hay un desbordamiento de búfer basado en pila que permite que atacantes remotos ejecuten código arbitrario sin autenticación medi... • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20stack%20overflow.md • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 25%CPEs: 4EXPL: 1CVE-2018-20057
https://notcve.org/view.php?id=CVE-2018-20057
11 Dec 2018 — An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices. goform/formSysCmd allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter. Se ha descubierto un problema en /bin/boa en dispositivos D-Link DIR-619L Rev.B 2.06B1 y DIR-605L Rev.B 2.12B1. goform/formSysCmd permite que usuarios autenticados remotos ejecuten comandos arbitrarios del sistema operativo mediante el parámetro POST sysCmd. • https://github.com/WhooAmii/whooamii.github.io/blob/master/2018/DIR-619%20command%20execution.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17065
https://notcve.org/view.php?id=CVE-2017-17065
30 Nov 2017 — An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (device crash) or possibly have unspecified other impact by sending a sufficiently long string in the password field of the HTTP Basic Authentication section of the HTTP request. Se ha descubierto un problema en dispositivos D-Link DIR-605L Model B en versiones anteriores a la FW2.11betaB06_hbrf. Esto se relaciona... • ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-605L/REVB/DIR-605L_REVB_FIRMWARE_PATCH_NOTES_2.11betaB06_HBRF_EN.pdf • CWE-20: Improper Input Validation •