cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-39668,https://securityvulnerability.io/vulnerability/CVE-2023-39668,Buffer Overflow Vulnerability in D-Link DIR-868L Router,"The D-Link DIR-868L router is susceptible to a buffer overflow vulnerability that arises from improper handling of input in the inet_ntoa() function, specifically through the param_2 parameter. Exploiting this vulnerability could allow an attacker to execute arbitrary code, potentially compromising the integrity and confidentiality of the device. Users are advised to review their firmware and apply necessary updates to mitigate this risk.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2023-08-18T03:15:00.000Z,0
CVE-2023-39667,https://securityvulnerability.io/vulnerability/CVE-2023-39667,Buffer Overflow Vulnerability in D-Link DIR-868L Router Firmware,"The D-Link DIR-868L router is vulnerable to a buffer overflow due to improper input validation in the param_2 parameter within the FUN_0000acb4 function. This flaw allows attackers to exploit the vulnerability to execute arbitrary code, potentially compromising the security of the router and the network it serves. Users should ensure their firmware is updated to mitigate possible threats.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2023-08-18T03:15:00.000Z,0
CVE-2023-39665,https://securityvulnerability.io/vulnerability/CVE-2023-39665,Buffer Overflow Vulnerability in D-Link DIR-868L Router,"A vulnerability affecting the D-Link DIR-868L router has been identified, allowing for a potential buffer overflow via the acStack_50 parameter. This weakness can lead to unauthorized access, enabling attackers to execute arbitrary code or destabilize the device's functionality. Users of affected firmware versions should take precautionary measures to mitigate potential risks.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.0022100000642240047,false,,false,false,false,,,false,false,,2023-08-18T03:15:00.000Z,0
CVE-2023-29856,https://securityvulnerability.io/vulnerability/CVE-2023-29856,Buffer Overflow Vulnerability in D-Link DIR-868L Router,"The D-Link DIR-868L router is affected by a Buffer Overflow vulnerability in the scandir.sgi binary, which may allow an attacker to execute arbitrary code and potentially gain unauthorized access to the device. This could compromise the integrity and confidentiality of the data transmitted through the router. Users are advised to apply available firmware updates to mitigate this security risk. For detailed information, refer to D-Link's security bulletins and support announcements.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.002090000081807375,false,,false,false,false,,,false,false,,2023-05-02T00:00:00.000Z,0
CVE-2017-14948,https://securityvulnerability.io/vulnerability/CVE-2017-14948,Buffer Overflow Vulnerability in D-Link Routers,"Certain D-Link routers are vulnerable to a buffer overflow due to improper handling of the CONTENT_TYPE HTTP header in the htdocs/fileaccess.cgi component. When a crafted HTTP request is received, particularly if the CONTENT_TYPE header starts with 'boundary=' followed by more than 256 characters, this can trigger a buffer overflow. This vulnerability can be exploited by remote attackers to execute arbitrary code, leading to potential unauthorized access and control over the affected devices. Users of DIR-880L and DIR-895 L/R are encouraged to review their device configurations and apply any available firmware updates to mitigate this risk.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.00139999995008111,false,,false,false,true,2019-10-12T17:29:36.000Z,true,false,false,,2019-10-14T17:03:25.000Z,0
CVE-2019-17506,https://securityvulnerability.io/vulnerability/CVE-2019-17506,Authentication Bypass Vulnerability on D-Link Routers,"An issue has been discovered in certain D-Link routers, where specific web interfaces lack necessary authentication measures. This vulnerability enables an attacker to retrieve sensitive information, including the router's username and password, by manipulating request parameters. By targeting the device's configuration file, unauthorized users may gain control over the router remotely, potentially compromising network security and integrity. Users are advised to review their device settings and apply firmware updates as necessary to mitigate the risk.",D-Link,Dir-868l B1 Firmware,9.8,CRITICAL,0.8478699922561646,false,,false,false,false,,,false,false,,2019-10-11T19:29:43.000Z,0
CVE-2019-16190,https://securityvulnerability.io/vulnerability/CVE-2019-16190,Authentication Bypass Vulnerability in D-Link SharePort Web Access,"The SharePort Web Access feature on specific D-Link routers allows unauthorized access due to an authentication bypass flaw. This vulnerability can be exploited via direct requests to sensitive PHP files, compromising the device's security. Users are encouraged to secure their devices by updating to the latest firmware versions provided by D-Link to mitigate potential risks.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.005270000081509352,false,,false,false,false,,,false,false,,2019-09-09T19:54:36.000Z,0
CVE-2018-19988,https://securityvulnerability.io/vulnerability/CVE-2018-19988,Command Injection in D-Link DIR-868L Rev.B Devices,"A vulnerability exists in D-Link DIR-868L Rev.B devices due to the improper handling of parameters within the /HNAP1/SetClientInfoDemo message. Specifically, the AudioMute and AudioEnable parameters can be exploited as they are stored without sufficient validation in the ShellPath script file. This lack of regex checking enables an attacker to manipulate the parameters, leading to potential command injection vulnerabilities. By leveraging specially crafted XML messages containing single quotes or backquotes, an attacker could execute arbitrary commands on the device, risking unauthorized access and control.",D-link,Dir-868l Firmware,9.8,CRITICAL,0.5455899834632874,false,,false,false,false,,,false,false,,2019-05-13T13:24:27.000Z,0
CVE-2018-10957,https://securityvulnerability.io/vulnerability/CVE-2018-10957,,"CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.",D-Link,Dir-868l Firmware,8.8,HIGH,0.010660000145435333,false,,false,false,false,,,false,false,,2018-05-10T02:00:00.000Z,0
CVE-2016-5681,https://securityvulnerability.io/vulnerability/CVE-2016-5681,,"Stack-based buffer overflow in dws/api/Login on D-Link DIR-850L B1 2.07 before 2.07WWB05, DIR-817 Ax, DIR-818LW Bx before 2.05b03beta03, DIR-822 C1 3.01 before 3.01WWb02, DIR-823 A1 1.00 before 1.00WWb05, DIR-895L A1 1.11 before 1.11WWb04, DIR-890L A1 1.09 before 1.09b14, DIR-885L A1 1.11 before 1.11WWb07, DIR-880L A1 1.07 before 1.07WWb08, DIR-868L B1 2.03 before 2.03WWb01, and DIR-868L C1 3.00 before 3.00WWb01 devices allows remote attackers to execute arbitrary code via a long session cookie.",D-Link,Dir-868l Firmware,9.8,CRITICAL,0.01947999931871891,false,,false,false,false,,,false,false,,2016-08-25T21:00:00.000Z,0