CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-10996

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://www.securityfocus.com/bid/104277
https://github.com/kgsdy/D-Link-DIR-629/blob/master/D-Link-DIR-629-B1.md
http://www.securityfocus.com/bid/104277
https://github.com/kgsdy/D-Link-DIR-629/blob/master/D-Link-DIR-629-B1.md

Products affected by CVE-2018-10996

D-Link » Dir-629-B » Version: N/A

cpe:2.3:h:d-link:dir-629-b:-
D-Link » Dir-629-B Firmware » Version: N/A

cpe:2.3:o:d-link:dir-629-b_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10996

Products

Pricing

Contact Us