all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-534: D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulnerability

Add to bookmarks
May 4, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability.

arbitrary code attackers authentication buffer buffer overflow code code execution d-link exploit link network overflow page remote code remote code execution routers stack var vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-454: SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability 1 day ago | www.zerodayinitiative.com
access access rights attackers authentication +18
ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability 1 day ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +15
ZDI-24-455: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability 1 day ago | www.zerodayinitiative.com
access access rights arbitrary code attackers +20
ZDI-24-450: (0Day) D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +14
ZDI-24-449: (0Day) D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +14
ZDI-24-448: (0Day) D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +16
ZDI-24-447: (0Day) D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability 2 days ago | www.zerodayinitiative.com
0day attackers authentication authentication bypass +12
ZDI-24-446: (0Day) D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability 2 days ago | www.zerodayinitiative.com
0day arbitrary code attackers authentication +17
ZDI-24-445: (0Day) D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability 2 days ago | www.zerodayinitiative.com
0day attackers authentication cgi +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Penetration Tester, Retail Engineering, Early Career

@ Apple | Austin, Texas, United States
View on infosec-jobs.com

Principal Product Security Engineer

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com

Senior Manager/ Director, Cyber

@ McGrathNicol | Brisbane
View on infosec-jobs.com