CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-44809
https://notcve.org/view.php?id=CVE-2023-44809
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. El dispositivo D-Link DIR-820L 1.05B03 es vulnerable a permisos inseguros. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug1.md • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45572
https://notcve.org/view.php?id=CVE-2023-45572
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function. Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro fn de la función tgfile.htm. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug1.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45573
https://notcve.org/view.php?id=CVE-2023-45573
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the n parameter of the mrclfile_del.asp function. Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro n de la función mrclfile_del.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug7.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45574
https://notcve.org/view.php?id=CVE-2023-45574
Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the file.data function. Vulnerabilidad de desbordamiento de búfer en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro fn de la función file.data. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug2.md https://www.dlink.com/en/security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 1CVE-2023-45575
https://notcve.org/view.php?id=CVE-2023-45575
Stack Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function. Vulnerabilidad de desbordamiento de pila en el dispositivo D-Link DI-7003GV2.D1 v.23.08.25D1 y anteriores, DI-7100G+V2.D1 v.23.08.23D1 y anteriores, DI-7100GV2.D1 v.23.08.23D1, DI-7200G +V2.D1 v.23.08.23D1 y anteriores, DI-7200GV2.E1 v.23.08.23E1 y anteriores, DI-7300G+V2.D1 v.23.08.23D1 y DI-7400G+V2.D1 v.23.08. 23D1 y anteriores permiten a un atacante remoto ejecutar código arbitrario a través del parámetro ip de la función ip_position.asp. • https://github.com/Archerber/bug_submit/blob/main/D-Link/DI-7xxxx/bug5.md • CWE-787: Out-of-bounds Write •