CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-33265
https://notcve.org/view.php?id=CVE-2021-33265
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80046eb4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_80046eb4 en /formSetPortTr. Esta vulnerabilidad es desencadenada... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln05 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2021-33266
https://notcve.org/view.php?id=CVE-2021-33266
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_8004776c in /formVirtualApp. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_8004776c en /formVirtualApp. Esta vulnerabilidad es desencadena... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln04 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33267
https://notcve.org/view.php?id=CVE-2021-33267
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80034d60 in /formStaticDHCP. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_80034d60 en /formStaticDHCP. Esta vulnerabilidad es desencadena... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln02 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33268
https://notcve.org/view.php?id=CVE-2021-33268
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function sub_8003183C in /fromLogin. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función sub_8003183C en /fromLogin. Esta vulnerabilidad es desencadenada por med... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln03 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33269
https://notcve.org/view.php?id=CVE-2021-33269
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_8004776c in /formVirtualServ. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_8004776c en /formVirtualServ. Esta vulnerabilidad es desencade... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln01 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33270
https://notcve.org/view.php?id=CVE-2021-33270
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_800462c4 in /formAdvFirewall. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_800462c4 en /formAdvFirewall. Esta vulnerabilidad es desencade... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln06 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33271
https://notcve.org/view.php?id=CVE-2021-33271
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function sub_80046EB4 in /formSetPortTr. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función sub_80046EB4 en /formSetPortTr. Esta vulnerabilidad es desencadenada... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln11 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2021-33274
https://notcve.org/view.php?id=CVE-2021-33274
01 Dec 2021 — D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_20190410 were discovered to contain a stack buffer overflow vulnerability in the function FUN_80040af8 in /formWlanSetup. This vulnerability is triggered via a crafted POST request. Se ha detectado que los dispositivos D-Link DIR-809 con versión de firmware hasta DIR-809Ax_FW1.12WB03_20190410, contienen una vulnerabilidad de desbordamiento del búfer de la pila en la función FUN_80040af8 en /formWlanSetup. Esta vulnerabilidad es desencadenada... • https://github.com/Lnkvct/IoT-poc/tree/master/D-Link-DIR809/vuln07 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 94%CPEs: 62EXPL: 2CVE-2014-8361 – Realtek SDK Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2014-8361
24 Apr 2015 — The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. El servicio miniigd SOAP en Realtek SDK permite a atacantes remotos ejecutar código arbitrario a través de una solicitud NewInternalClient manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific... • https://packetstorm.news/files/id/132090 •