Security
Headlines
HeadlinesLatestCVEs

Tag

#git

CVE-2023-45575: bug_submit/D-Link/DI-7xxxx/bug5.md at main · Archerber/bug_submit

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the ip parameter of the ip_position.asp function.

CVE
Open in Source
#vulnerability#git#buffer_overflow
CVE-2023-45573: bug_submit/D-Link/DI-7xxxx/bug7.md at main · Archerber/bug_submit

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function.

CVE-2023-45572: bug_submit/D-Link/DI-7xxxx/bug1.md at main · Archerber/bug_submit

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.

CVE-2023-36950: bug_submit/TOTOLINK/loginauth.md at main · Archerber/bug_submit

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

CVE-2023-44808: bug_submit/D-Link/DIR-820l/bug3.md at main · Archerber/bug_submit

D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.

CVE-2023-36953: bug_submit/TOTOLINK/CP300+_2.md at main · Archerber/bug_submit

TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.

CVE-2023-44809: bug_submit/D-Link/DIR-820l/bug1.md at main · Archerber/bug_submit

D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.

CVE-2023-36947: bug_submit/TOTOLINK/UploadCustomModule.md at main · Archerber/bug_submit

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.

CVE-2023-36340: bug_submit/TOTOLINK/TOTOLINK-NR1800X.md at main · Archerber/bug_submit

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

CVE-2023-36952: bug_submit/TOTOLINK/CP300+_1.md at main · Archerber/bug_submit

TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.