badnack

5 exploits Active since Jun 2018
CVE-2017-14948 NOMISEC CRITICAL WRITEUP
D-Link DIR-868L/880L/885L/890L/895L/895R Firmware - Remote Code Execution via CONTENT_TYPE Header Buffer Overflow
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileaccess.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with 'boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.
3 stars
CVSS 9.8
CVE-2017-14948 WRITEUP CRITICAL WRITEUP
D-Link DIR-868L/880L/885L/890L/895L/895R Firmware - Remote Code Execution via CONTENT_TYPE Header Buffer Overflow
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileaccess.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with 'boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution.
CVSS 9.8
CVE-2018-11560 WRITEUP CRITICAL WRITEUP
Insteon 2864-222 Firmware - Stack-based Buffer Overflow via CGIProxy.fcgi remoteIp Parameter
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.
CVSS 9.8
CVE-2018-12640 WRITEUP CRITICAL WRITEUP
Insteon HD IP Camera White - Buffer Overflow
The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
CVSS 9.8
CVE-2019-17532 WRITEUP HIGH WORKING POC
Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS - Denial of Service via Crafted StoreRules Request
An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS devices. They allow remote attackers to cause a denial of service (persistent rules-processing outage) via a crafted ruleDbBody element in a StoreRules request to the upnp/control/rules1 URI, because database corruption occurs.
CVSS 7.5