caoyebo

5 exploits Active since Feb 2024
CVE-2023-24330 WRITEUP HIGH WRITEUP
D-Link Dir 882 - Command Injection
Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/.
CVSS 8.8
CVE-2023-24331 WRITEUP CRITICAL WRITEUP
D-Link Dir 816 <DIR-816_A2_v1.10CNB04 - Command Injection
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter.
CVSS 9.8
CVE-2023-24332 WRITEUP HIGH WRITEUP
Tenda AC6 <US_AC6V5.0re_V03.03.02.01_cn_TDC01 - Code Injection
A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.
CVSS 8.1
CVE-2023-24333 WRITEUP HIGH WORKING POC
Tenda AC21 <US_AC21V1.0re_V16.03.08.15_cn_TDC01 - Memory Corruption
A stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi.
CVSS 8.8
CVE-2023-24334 WRITEUP HIGH WRITEUP
Tenda AC23 - US_AC23V1.0re_V16.03.07.45_cn_TDC01 - Code Injection
A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.
CVSS 8.0