Dlink: >> Dir-605l Firmware >> 1.13 Security Vulnerabilities
A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of sprintf() when processing user-supplied CAPTCHA data via the FILECODE parameter in /goform/formLogin. A remote unauthenticated attacker can exploit this to execute arbitrary code with root privileges on the device.
CVSS Score
9.8
EPSS Score
0.599
Published
2025-07-31
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-11
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
Known exploited
CVSS Score
9.8
EPSS Score
0.94
Published
2015-05-01