VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202410-0125 CVE-2024-9570 D-Link Systems, Inc.  of  DIR-619L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue is the function formEasySetTimezone of the file /goform/formEasySetTimezone. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-619L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-619L is a wireless router designed for home and small office environments. It implements the IEEE 802.11n standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from the failure of the curTime parameter in the formEasySetTimezone function in the /goform/formEasySetTimezone page to properly validate the length of the input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0084 CVE-2024-9569 D-Link Systems, Inc.  of  DIR-619L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formEasySetPassword of the file /goform/formEasySetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-619L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-619L is a wireless router designed for home and small office environments. It implements the IEEE 802.11n standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from the failure of the curTime parameter in the formEasySetPassword function in the /goform/formEasySetPassword page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0119 CVE-2024-9568 D-Link Systems, Inc.  of  DIR-619L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formAdvNetwork of the file /goform/formAdvNetwork. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-619L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-619L is a wireless router designed for home and small office environments. It implements the IEEE 802.11n standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from the failure of the curTime parameter in the formAdvNetwork function in the /goform/formAdvNetwork page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0072 CVE-2024-9567 D-Link Systems, Inc.  of  DIR-619L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L B1 2.06. This issue affects the function formAdvFirewall of the file /goform/formAdvFirewall. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-619L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-619L is a wireless router designed for home and small office environments. It implements the IEEE 802.11n standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from the failure of the curTime parameter in the formAdvFirewall function in the /goform/formAdvFirewall page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0042 CVE-2024-9566 D-Link Systems, Inc.  of  DIR-619L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. This vulnerability affects the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-619L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-619L is a wireless router designed for home and small office environments. It implements the IEEE 802.11n standard and offers a maximum transmission rate of 300Mbps. This vulnerability stems from the failure of the next_page parameter of the formDeviceReboot function in the /goform/formDeviceReboot page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-1481 CVE-2024-46325 TP-LINK Technologies  of  wr740n  Stack-based buffer overflow vulnerability in firmware CVSS V2: 5.2
CVSS V3: 5.5
Severity: MEDIUM
TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url. TP-LINK Technologies of wr740n A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TP-LINK TL-WR740N is a wireless router from TP-LINK of China. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202410-2726 CVE-2024-20094 media tech's  NR15  Vulnerability in CVSS V2: -
CVSS V3: 7.5
Severity: HIGH
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535. media tech's NR15 Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state
VAR-202410-0063 CVE-2024-9565 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. Affected by this vulnerability is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the curTime parameter of the formSetPassword function in the /goform/formSetPassword page failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202410-0073 CVE-2024-9564 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, was found in D-Link DIR-605L 2.13B01 BETA. Affected is the function formWlanWizardSetup of the file /goform/formWlanWizardSetup. The manipulation of the argument webpage leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-605L is D-Link's first cloud router, designed for home and small office network environments. This vulnerability could allow an attacker to alter program control flow or execute malicious code
VAR-202410-0056 CVE-2024-9563 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, has been found in D-Link DIR-605L 2.13B01 BETA. This issue affects the function formWlanSetup_Wizard of the file /goform/formWlanSetup_Wizard. The manipulation of the argument webpage leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. D-Link DIR-605L has a buffer overflow vulnerability. The vulnerability is caused by the webpage parameter of the formWlanSetup_Wizard function in the /goform/formWlanSetup_Wizard page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0064 CVE-2024-9562 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability classified as critical was found in D-Link DIR-605L 2.13B01 BETA. This vulnerability affects the function formSetWizard1/formSetWizard2. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the curTime parameter of the formSetWizard1/formSetWizard2 function failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0065 CVE-2024-9561 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01 BETA. This affects the function formSetWAN_Wizard51/formSetWAN_Wizard52. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the curTime parameter of the formSetWAN_Wizard51/formSetWAN_Wizard52 function failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0077 CVE-2024-9559 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-605L is D-Link's first cloud router, designed for home and small office network environments. This vulnerability occurs because the webpage parameter of the formWlanSetup function in the /goform/formWlanSetup page fails to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service
VAR-202410-0054 CVE-2024-9558 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formSetWanPPTP of the file /goform/formSetWanPPTP. The manipulation of the argument webpage leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-605L is D-Link's first cloud router, designed for home and small office network environments. This vulnerability occurs because the webpage parameter of the formSetWanPPTP function in the /goform/formSetWanPPTP page fails to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service
VAR-202410-0060 CVE-2024-9557 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This vulnerability affects the function formSetWanPPPoE of the file /goform/formSetWanPPPoE. The manipulation of the argument webpage leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. D-Link DIR-605L has a buffer overflow vulnerability. The vulnerability is caused by the webpage parameter of the formSetWanPPPoE function in the /goform/formSetWanPPPoE page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0058 CVE-2024-9556 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, was found in D-Link DIR-605L 2.13B01 BETA. This affects the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The D-Link DIR-605L is D-Link's first cloud router, designed for home and small office network environments. This vulnerability stems from the failure of the curTime parameter in the formSetEnableWizard function in the /goform/formSetEnableWizard page to properly validate the length of input data. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service (DoS) on the system
VAR-202410-0078 CVE-2024-9555 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability, which was classified as critical, has been found in D-Link DIR-605L 2.13B01 BETA. Affected by this issue is the function formSetEasy_Wizard of the file /goform/formSetEasy_Wizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the curTime parameter of the formSetEasy_Wizard function in the /goform/formSetEasy_Wizard page failing to properly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0061 CVE-2024-9553 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01 BETA. This affects the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the curTime parameter of the formdumpeasysetup function in the /goform/formdumpeasysetup page failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202410-0055 CVE-2024-9552 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been rated as critical. Affected by this issue is the function formSetWanNonLogin of the file /goform/formSetWanNonLogin. The manipulation of the argument webpage leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the webpage parameter of the formSetWanNonLogin function in the /goform/formSetWanNonLogin page failing to properly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202410-0066 CVE-2024-9551 D-Link Systems, Inc.  of  DIR-605L  Classic buffer overflow vulnerability in firmware CVSS V2: 9.0
CVSS V3: 8.8
Severity: High
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. Affected by this vulnerability is the function formSetWanL2TP of the file /goform/formSetWanL2TP. The manipulation of the argument webpage leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of DIR-605L Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DIR-605L is a wireless router from D-Link of China. The vulnerability is caused by the webpage parameter of the formSetWanL2TP function in the /goform/formSetWanL2TP page failing to correctly verify the length of the input data. Remote attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack