Security Vulnerabilities
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-06
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-05-06
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-05-06
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVSS Score
3.8
EPSS Score
0.0
Published
2025-05-06
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-05-06
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-05-06
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-05-06
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-06