Page 5 of 157 results (0.007 seconds)

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formEasySetPassword of the file /goform/formEasySetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formEasySetPassword.md https://vuldb.com/?ctiid.279463 https://vuldb.com/?id.279463 https://vuldb.com/?submit.414547 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formAdvNetwork of the file /goform/formAdvNetwork. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formAdvNetwork.md https://vuldb.com/?ctiid.279462 https://vuldb.com/?id.279462 https://vuldb.com/?submit.414545 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?id.279461 https://vuldb.com/?ctiid.279461 https://vuldb.com/?submit.414544 https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formAdvFirewall.md https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnerability affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/D-Link/DIR-619L/formDeviceReboot.md https://vuldb.com/?ctiid.279460 https://vuldb.com/?id.279460 https://vuldb.com/?submit.414541 https://www.dlink.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Certain models of D-Link wireless routers do not properly validate user input in the telnet service, allowing unauthenticated remote attackers to use hard-coded credentials to log into telnet and inject arbitrary OS commands, which can then be executed on the device. • https://www.twcert.org.tw/tw/cp-132-8090-bf06b-1.html https://www.twcert.org.tw/en/cp-139-8091-bcd52-2.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •