CVE-2024-1786 – D-Link DIR-600M C1 Telnet Service buffer overflow
https://notcve.org/view.php?id=CVE-2024-1786
A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://gist.github.com/dmknght/269d90e17713bbd34e48c50f5c5284a2 https://vuldb.com/?ctiid.254576 https://vuldb.com/?id.254576 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2018-6936 – D-Link DIR-600M Wireless - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-6936
Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account. Existe Cross-Site Scripting (XSS) en D-Link DIR-600M C1 3.01 mediante el SSID o el nombre de una cuenta de usuario. D-Link DIR-600M Wireless suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/44219 https://0day4u.wordpress.com/2018/02/21/d-link-dir-600m-wireless-stored-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •