| CVE | Vendors | Products | Updated | CVSS v3.1 |
| D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname is base64-decoded and the result is stored in v94 without checking the size of l2tp_usrname, resulting in a stack overflow. |
| D-Link DIR-816 A2_v1.10CNB04.img allows the router to be rebooted without authentication via /goform/doReboot. No authentication is required, and the reboot is executed when the function returns at the end. |
| In D-Link DIR-816 A2_v1.10CNB04 and DIR-878 DIR_878_FW1.30B08.img, a command injection vulnerability occurs in /goform/Diagnosis. After the condition is met, setnum is spliced into v10 by snprintf and system is executed, resulting in a command injection vulnerability. |
| D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. After the user passes in the command parameter, it will be spliced into byte_4836B0 by snprintf, and finally doSystem(&byte_4836B0); will be executed, resulting in a command injection. |
| In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end. |
| D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/NTPSyncWithHost. |
| D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/form2userconfig.cgi. |
| Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks. |
| BlueCMS 1.6 has SQL injection in line 132 of admin/area.php |
| BlueCMS 1.6 has SQL injection in line 55 of admin/model.php |
| BlueCMS 1.6 has SQL injection in line 132 of admin/article.php |
| An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab files. The patch for this was present in SNYPR version 6.4 Jun 2022 R3_[06170871], but may have been introduced sooner. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateMacClone. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateIpv6Params. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPInfoById. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EnableIpv6. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateWanParams. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G. |
| H3C H200 H200V100R004 was discovered to contain a stack overflow via the function AddMacList. |