Tag

#git

CVE-2023-45573: bug_submit/D-Link/DI-7xxxx/bug7.md at main · Archerber/bug_submit

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the wild/mx parameter of the ddns.asp function.

CVE-2023-45572: bug_submit/D-Link/DI-7xxxx/bug1.md at main · Archerber/bug_submit

Buffer Overflow vulnerability in DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and before allows a remote attacker to execute arbitrary code via the fn parameter of the tgfile.htm function.

CVE-2023-36950: bug_submit/TOTOLINK/loginauth.md at main · Archerber/bug_submit

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

CVE-2023-44808: bug_submit/D-Link/DIR-820l/bug3.md at main · Archerber/bug_submit

D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_4507CC function.

CVE-2023-36953: bug_submit/TOTOLINK/CP300+_2.md at main · Archerber/bug_submit

TOTOLINK CP300+ V5.2cu.7594_B20200910 and before is vulnerable to command injection.

CVE-2023-44809: bug_submit/D-Link/DIR-820l/bug1.md at main · Archerber/bug_submit

D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.

CVE-2023-36947: bug_submit/TOTOLINK/UploadCustomModule.md at main · Archerber/bug_submit

TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow via the File parameter in the function UploadCustomModule.

CVE-2023-36340: bug_submit/TOTOLINK/TOTOLINK-NR1800X.md at main · Archerber/bug_submit

TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.

CVE-2023-36952: bug_submit/TOTOLINK/CP300+_1.md at main · Archerber/bug_submit

TOTOLINK CP300+ V5.2cu.7594_B20200910 was discovered to contain a stack overflow via the pingIp parameter in the function setDiagnosisCfg.

Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign

Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting