SECFORCE/CVE-2018-8941

Releases0

Stars9

D-Link DSL-3782 Code Execution (Proof of Concept)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-8941 ↗	Apr 3, 2018Tuesday, 3 April 2018, 23:29	—	9 HIGH
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi.